Infosec

DOMination: Weaponizing XSS – July 2025

/ roanokeinfosec

Hope you’re all staying cool in this scorching July heat! While the temperatures outside are blazing, we’ve got a meeting coming up that’s going to be even hotter – in a good, cybersecurity-savvy way, of course!

Prepare to have your minds melted (with knowledge, not the sun!) at our next RISE Cyber Security meeting. We’re thrilled to announce a speaker who’s ready to fire up your understanding of web vulnerabilities.

This month, we’re welcoming the brilliant Ben Eldritch to the stage. He’s bringing a talk with the following details:

DOMination: Weaponizing XSS

Even the smallest input can create a big problem. Oftentimes XSS vulnerabilities are demonstrated by popping an alert box on your screen or sending out document cookies to an external endpoint. But did you know as soon as you get access to the DOM the webpage becomes a blank canvas? The possibilities are endless from background JavaScript execution, mapping internal networks and even assisting in MFA mimicry. Join us as we discuss various techniques that turn simple XSS vulnerabilities into powerful phishing landscapes and advanced threat playgrounds.

Come join us for an evening that’s sure to be illuminating and help you beat the heat of potential cyber threats! We promise it’ll be more refreshing than an ice-cold lemonade on a hot day.

Event Details:

  • Date: Thursday, July 10, 2025
  • Time: 6pm
  • Location: Virginia Western Business/Science Building Room M302
  • Speaker: Ben Eldritch
  • Talk Title: DOMination: Weaponizing XSS

Meeting Details:

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
July 10th, 2025 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Looking forward to seeing you there!

September 2023 – Lightning Talks Round 2

/ roanokeinfosec

We are doing our second round of lightning talks this month after the successful first round!

The ⚡two ⚡lightning ⚡talks we have set for this month are:

Common Pentest Wins

In this talk, Logan Diomedi will cover the top 3 things that get penetration testers initial access on tests.

From Paper Jams to Domain Compromise: Abusing Multi-Function Printers

In this talk, Tyler Booth wants to share with you: Whether you manage multi-function printers (MFPs) yourself or delegate the task to an outside vendor, unsecured MFPs pose a significant risk to your environment. This talk explores how attackers can exploit MFP vulnerabilities to gain an initial foothold in an Active Directory domain, potentially escalate privileges, and access sensitive documents.

In other news, there is an upcoming CTF hosted by RBTC on September 7th.  Find out more at:
https://www.rbtc.tech/event/hands-on-security-capture-the-flag-event/

We look forward to seeing you in-person.  If you can’t make it, we will also attempt a google meet session and recording.

Meeting info:

September 14th, 2023 at 5:30pm
Grandin Colab
1327 Grandin Rd SW, Roanoke, VA 24015
https://goo.gl/maps/4JqvZRD6bPUDEZmy5

Hope to see you there!

August 2023 – Lightning Talks Round 1

/ roanokeinfosec

We had more lightning talks submitted than we initially expected! So, we are going to adjust the flow a bit, and split the lightning talks into two great sessions to provide a little more wiggle room for speakers to deliver their material.

The ⚡three ⚡lightning ⚡talks we have set for this month are:

Verify your Verification
Speaker Ben Eldritch shared the following for this talk: “I’ve pentested 3 different webapps over the past few months, and none of them have implemented account/email verification correctly. Here are a few examples of what can go wrong with account creation, and how you can fix it!”

Terraforming your Cyber Landscape
Speaker Aaron McPhall shared the following for this talk: “This talk will cover an introduction to Terraform, and why it should be considered for any cloud enabled organization. Aaron will cover the benefits of infrastructure as code as well and how terraform can be used to enable scaling and security for cloud services.”

DDoS: What you wanted to know but didn’t want to talk to your 13 year old neighbor
Andrew Beard will be leading this talk on DDoS techniques and mitigation.

In other news, there is an upcoming CTF hosted by RBTC on September 7th. Find out more at:
https://www.rbtc.tech/event/hands-on-security-capture-the-flag-event/

We look forward to seeing you in-person. If you can’t make it, we will also attempt a zoom session and recording.

Meeting info:

August 10th, 2023 @ 5:30PM

ECPI University
5234 Airport Rd NW Suite 200, Roanoke, VA 24012
https://goo.gl/maps/T6TikCHLoPQaWXzT7

Hope to see you there!

March 2021 – Quantum Computing – Fact vs Fiction

/ roanokeinfosec

For March 2021 Rob Perry (CISO from Carilion Clinic) returns with an insightful look at quantum computing and how it could potentially change the IT Security landscape.  Never wanting to shy away from the more technical topics Rob’s previous talk regarding BlockChain challenged the most well held beliefs regarding its usage and forced us to look at Block Chain differently.  Now we have an opportunity to see where he will take us in this talk.  Don’t miss a great opportunity to hear from a local industry leader as we cover “Quantum Computing – Fact vs Fiction”.  This meeting will be virtual, and we will send connection details prior to the event. Hope to see you there!

Event Details

March 11th, 2021 @ 5:30pm,


Virtual Event – sign up to RISE email list for connection info

Subject of discussion:

Talk of recent advances in quantum computing has security professionals wondering if encryption algorithms like RSA are now vulnerable and need to be replaced or completely discarded. This talk will provide a brief overview of quantum computing and then pragmatically evaluate whether quantum computing is rewriting the security landscape or if quantum more closely resembles the hype of AI / artificial intelligence. Drinks will be served (virtually), so have your favorite beverage handy.

Robert Perry

Presenter Bio:

Robert Perry is the Chief Information Security Officer (CISO) for Carilion Clinic, one of the largest hospitals and healthcare providers based in southwest Virginia, serving nearly one million in the Virginia community and surrounding areas.

As an expert in the technology industry, Mr. Perry’s charismatic speaking style and passion for technology and cybersecurity have made him a sought after speaker at conferences. Speaking topic range in areas including: cybersecurity systems, and tools, attack and counter attack cybersecurity response systems, authentication and access control.

Mr. Perry is a high performance IT leader with over 20 years’ experience managing cybersecurity, technology systems and networking. His business and technology experience has allowed Mr. Perry to align technology initiatives with corporate and organizational business objectives.

He holds dual masters degrees: Masters in Technology Management and a Masters of Business Administration (MBA). Mr. Perry’s licenses and certificates include: CISSP (retired), CISA, CCSP, and CCNA-Voice

December – Burp Suite, Part 2, Pro Edition

/ roanokeinfosec

For December we have asked that Logan Diomedi return and give us an in-depth dive into Burp Suite.  As you may remember Logan gave us a quick overview of Burp Suite back in February and many of you requested more so here it is. 

Logan Diomedi and Burp Suite, Part 2, Pro Edition

Burp Suite is one of the many free tools available in Kali Linux.  Burp Suite allows anyone to test and verify their web applications using various techniques from initial mapping and analysis of an application’s attack surface, to finding and exploiting security vulnerabilities.  In this meeting Logan will show us how he uses Burp Suite in his “Red Teaming” pen tests and how you can use the tool to test your own websites.

December 10th @ 5:30pm; This will be a virtual meeting

Logan’s Bio

Logan Diomedi is a 24-year-old Roanoke native and has been in the Information Security world since his early teens. He currently works as a penetration tester for an offensive information-security firm known as Depth Security, where he performs network, application-based, social engineering, and physical penetration testing. Logan is a Capture-the-Flag & HackTheBox regular, and regularly performs infosec-related research in his spare time. Logan has been a RISE attendee for almost 2 years now and has a passion to bring knowledge and resources to the greater Roanoke information security community.

July 2020 – Password Attack and Defense

/ roanokeinfosec

We’re back!  RISE is back for the month of July.  Once again, we will be hosting a virtual meeting, but we are hopeful that we will be able to meet in person again very soon.  This month we are going to cover end to end password attack and defense.  So, what does that mean exactly?  First, we will cover how nefarious actors steal your user’s credentials and how they use it, then we will discuss what free tools are available to audit passwords and defend against such attacks.   Topics covered will be things like Hunter.io, Phishing-Frenzy, Password Spraying, Hash-Cat, DPAT, have i been pwned, MFA and others.

This will be a high-level overview of the entire kill chain process however if we determine that more discussion is needed in one area, we will discuss getting it on the calendar for a more in-depth review.  I am looking forward to seeing all of you at the next meeting.  Be on the look out for more information regarding online meeting information.

Meeting scheduled for 5:30 pm, July 9th.  Online meeting details sent via email, please subscribe to the mailing list for more information.

See you all soon

Speaker BIO:

rob

Robert Garbee

Twitter: @robgarbee

RISE: Roanokeinfosec.com

Robert Garbee is a Cyber Security Engineer working for the Carilion Clinic Information Security Department located in Roanoke Va.  In this role, Robert is responsible for performing threat analysis, network assessments and compliance auditing for enterprise network systems located in various locations scattered across Virginia.   He has more than 25 years of experience in information technology and during that time has held positions in information security, information technology and industrial security.   His certifications have included Microsoft Certified Systems Engineer (MCSE), Cisco Certified Network Associate (CCNA) and most recently Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker(CEH).  Robert is also a graduate of Liberty University and holds a Bachelor of Science degree in Business Management Information Security.

As a founder of the Roanoke Information Security Exchange (RISE) Robert has been asked to present to both local business leaders and community service groups.  Additionally, Robert has provided commentary for featured articles in the Roanoke Times and for WSLS News 10 in Roanoke, VA.

Robert can be contacted via the RISE website at Roanokeinfosec.com, or via email at robgarbee@yahoo.com or via Twitter @robgarbee.

 

 

Black Hills Security – 30 Things to Get You Started

/ roanokeinfosec / Leave a comment

Many new RISE attendees ask how they can get started in InfoSec. Where do I start? What skills do I need. How can I learn new skills? Black Hills InfoSec posted a fantastic curated list of “30 Things to Get You Started”. It covers a variety of areas from log analysis, password cracking, hardware hacking, and more. Content includes blog posts and video to satisfy all types of learners.

It only takes initiative and a few minutes a day to sharpen your skills. RISE can help pair you with the people and tools – all you need to provide is the desire and effort!

CANCELLED – September 2018 – Software Exploitation (Part 2)

/ roanokeinfosec

Biohazard symbol overlayed on some assembly code

Update: Unfortunately we are cancelling the September meeting due to weather. We will reschedule this presentation for our next regular meeting on 11 October.

September is National Preparedness Month – so prepare yourself by joining us at the next RISE meeting to better understand the threats facing your IT systems. We will continue to explore tools and techniques that attackers use to exploit software for code execution and shell access.

Continue reading