Threats

July 2020 – Password Attack and Defense

/ roanokeinfosec

We’re back!  RISE is back for the month of July.  Once again, we will be hosting a virtual meeting, but we are hopeful that we will be able to meet in person again very soon.  This month we are going to cover end to end password attack and defense.  So, what does that mean exactly?  First, we will cover how nefarious actors steal your user’s credentials and how they use it, then we will discuss what free tools are available to audit passwords and defend against such attacks.   Topics covered will be things like Hunter.io, Phishing-Frenzy, Password Spraying, Hash-Cat, DPAT, have i been pwned, MFA and others.

This will be a high-level overview of the entire kill chain process however if we determine that more discussion is needed in one area, we will discuss getting it on the calendar for a more in-depth review.  I am looking forward to seeing all of you at the next meeting.  Be on the look out for more information regarding online meeting information.

Meeting scheduled for 5:30 pm, July 9th.  Online meeting details sent via email, please subscribe to the mailing list for more information.

See you all soon

Speaker BIO:

rob

Robert Garbee

Twitter: @robgarbee

RISE: Roanokeinfosec.com

Robert Garbee is a Cyber Security Engineer working for the Carilion Clinic Information Security Department located in Roanoke Va.  In this role, Robert is responsible for performing threat analysis, network assessments and compliance auditing for enterprise network systems located in various locations scattered across Virginia.   He has more than 25 years of experience in information technology and during that time has held positions in information security, information technology and industrial security.   His certifications have included Microsoft Certified Systems Engineer (MCSE), Cisco Certified Network Associate (CCNA) and most recently Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker(CEH).  Robert is also a graduate of Liberty University and holds a Bachelor of Science degree in Business Management Information Security.

As a founder of the Roanoke Information Security Exchange (RISE) Robert has been asked to present to both local business leaders and community service groups.  Additionally, Robert has provided commentary for featured articles in the Roanoke Times and for WSLS News 10 in Roanoke, VA.

Robert can be contacted via the RISE website at Roanokeinfosec.com, or via email at robgarbee@yahoo.com or via Twitter @robgarbee.

 

 

Advertisement

Jan 2018 – SANS Holiday Hack Challenge Party

/ roanokeinfosec / Leave a comment

 

 

PandR

Hope everyone had a great holiday break!  Our next RISE meeting will be this coming Thursday the 11th at 5:30 pm R&K Solutions.  We will be trying our hand at the SANS 2017 Holiday Hack.  Please see the link below to setup your account and then bring your laptop on the 11th.  While we won’t be getting through the entire thing we will have a chance to hang out and share ideas.  This is an excellent opportunity to learn some new chops and to show off the ones you have.   Come on out, you don’t want to miss out on this year’s event.

https://holidayhackchallenge.com/2017

R&K Solutions

2797 Frontage Rd NW

Roanoke, VA 24017

Let’s do this!!!

Pandr2

 

 

Cyber Security Forum: Web Service Security Best Practices

/ roanokeinfosec / Leave a comment

cyber-security-aug17_post-image

Hello all, this month’s RISE meeting will be a little different, in fact it’s going to be a lot different.  This month we are doubling up with the RBTC.  The RBTC will be hosting a Cyber Security Forum highlighting Web Service Security Best Practices on Tuesday August 8th from 5:30pm – 7:30pm at Virginia Western Community College.  The speaker will be Adam Memisyazici from Virginia Tech.

Not only will this provide a great opportunity to learn more about Web Security but this also provides a great opportunity to rub elbows with likeminded technologist from the Valley.  Please keep in mind that unlike our meetings the RBTC actually needs to you register for this event.  Click on the link provided and register quickly.  Also there is a minor cost to attend but they probably have better snacks and drinks than we do so it’s probably worth it.  In any case, if you can make it I encourage you to attend.

Lastly, I want everyone to understand that that this will not be the norm for us but I do feel that it is a good fit for us this month.  If this works perhaps we will do again sometime in the future, if it doesn’t, well we gave it a shot.   I have provided additional details below.  Please check them out.

 

Link to register for the RBTC event and location info.

https://rbtc.tech/2017/07/cyber-security-forum-august-8/

 

Sept 2016 – Bad, Bad USB

/ roanokeinfosec / Leave a comment

Screen_Shot_2014-08-01_at_4.55.11_PM_1024x1024

We are in for a treat in September! Jeremy Dorrough is going to do an updated version of the presentation he did at DEF CON last year.

woo hoo

USB Attack to Decrypt Wi-Fi Communications

Jeremy Dorrough Senior Network Security Architect / Genworth Financial

The term “Bad USB” has gotten some much needed press in last few months. There have been talks that have identified the risks that are caused by the inherent trust between the OS and any device attached by USB. I found in my research that most of the available payloads for the USB rubber ducky would be stopped by common enterprise security solutions. I then set out to create a new exploit that would force the victim to trust my Man-In-The-Middle access point. After my payload is deployed, all Wi-Fi communications will be readable, including usernames, passwords and authentication cookies. The attack will work without the need of elevating privileges, which makes it ideal for corporate environments.

usb-flash-drive-skull-ring-2-Check Flash

Bio: Jeremy has built his career around protecting assets in the most critical IT sectors. He started his career working in a Network Operations Security Center for the US Army. He then went on to work as a Network Security Engineer defending Dominion’s North Anna Nuclear Power Station. He is currently a Senior Network Security Engineer/Architect at Genworth Financial. He is a MBA, CISSP, CEH, GIAC GPPA, CSA CCSK, ABCDEFG… Blah Blah Blah.

Jeremy has spent over 10 years researching and implementing new ways to defend against the latest attacks. He enjoys creating new exploits and feels it makes him a more well-rounded defensive Security Engineer. He is happily married and a father to two soon to be hackers. When he’s not staring at a command prompt, he is busy building and driving demolition derby cars.

Twitter: @jdorrough1

ECPI was kind enough to host this month, the meeting will be on Sept. 8th @ 5:30pm.