News

Sept 2016 – Bad, Bad USB

/ roanokeinfosec / Leave a comment

Screen_Shot_2014-08-01_at_4.55.11_PM_1024x1024

We are in for a treat in September! Jeremy Dorrough is going to do an updated version of the presentation he did at DEF CON last year.

woo hoo

USB Attack to Decrypt Wi-Fi Communications

Jeremy Dorrough Senior Network Security Architect / Genworth Financial

The term “Bad USB” has gotten some much needed press in last few months. There have been talks that have identified the risks that are caused by the inherent trust between the OS and any device attached by USB. I found in my research that most of the available payloads for the USB rubber ducky would be stopped by common enterprise security solutions. I then set out to create a new exploit that would force the victim to trust my Man-In-The-Middle access point. After my payload is deployed, all Wi-Fi communications will be readable, including usernames, passwords and authentication cookies. The attack will work without the need of elevating privileges, which makes it ideal for corporate environments.

usb-flash-drive-skull-ring-2-Check Flash

Bio: Jeremy has built his career around protecting assets in the most critical IT sectors. He started his career working in a Network Operations Security Center for the US Army. He then went on to work as a Network Security Engineer defending Dominion’s North Anna Nuclear Power Station. He is currently a Senior Network Security Engineer/Architect at Genworth Financial. He is a MBA, CISSP, CEH, GIAC GPPA, CSA CCSK, ABCDEFG… Blah Blah Blah.

Jeremy has spent over 10 years researching and implementing new ways to defend against the latest attacks. He enjoys creating new exploits and feels it makes him a more well-rounded defensive Security Engineer. He is happily married and a father to two soon to be hackers. When he’s not staring at a command prompt, he is busy building and driving demolition derby cars.

Twitter: @jdorrough1

ECPI was kind enough to host this month, the meeting will be on Sept. 8th @ 5:30pm.

August 2016 – Show Me The Money!

/ roanokeinfosec / Leave a comment

Our own Rob Garbee (Bio below) will be presenting Thursday,  August 11th, at R&K Solutions (Google Maps). Rob will be talking about 5 steps to getting the funding you need for IT Security. As we all know getting the funding for personnel or security tools can often be difficult. If you haven’t had a breach everyone often assumes everything is fine. Why do we need all this security stuff? Rob will cover some strategies to win the battle with management to justify the security funding you need.

The_Art_of_War_Running_Press

Bio: Robert Garbee works as a Technical Security Analyst with a mid-tier medical service provider in Roanoke, VA.  In this role, Robert is responsible for managing risk and compliance aspects for both HIPAA related activities and overarching business concerns.   Robert has more than 20 years of experience in information technology and during that time has held IT positions in the banking industry, DOD contracting, and most recently HIPAA security and compliance.  Robert is a graduate of Liberty University with a BMIS degree and holds an ISC2 CISSP certification.  Prior to starting his information technology career Robert served seven years as a crew chief on C-5 Galaxies in the United States Air Force.

June 2016 – Security Architecture: Then and Now

/ roanokeinfosec / Leave a comment

then-and-now

We are ready and set for our next meeting on June 9th.  This meeting will be hosted by our friends at SyCom Technologies:

SyCom Technologies
2800 Electric Rd #103c
Roanoke, VA 24018

Google maps

We will start at our usual time of 5:30pm.  Our speaker this month is Allen Surface and his subject will be Security Architecture: Then and Now.  Allen will walk us through how Security Architectures have changed over the years, where they are headed and how we need to plan for these changes.  Allen is a founding member of RISE and has worked for the past eight years as a solutions architect with SyCom Technologies.  He is currently focused on designing network and security solutions for various customers in both medium and large scale networks.  Prior to moving into his Security Architect role Allen was responsible for implementing hardware solutions such as Intrusion Prevention Systems, Firewalls, and DMVPNs.   What this says is that Allen is one of us!  He is a down in the trenches kind of guy that is willing to share his experiences with us.  Come on out and support one of own and hear his take on where we are all headed as IT Security Professionals.

We’re Growing

/ roanokeinfosec / Leave a comment

growing2

It was awesome to see so many new faces and so many familiar ones at last Thursday’s meeting, thanks again to ECPI for hosting. We ended up running out of chairs!

April meeting1

April meeting2

I hope to see everyone again next month, where we will dive back down in to the weeds and take an in-depth look at Wireshark.

wireshark

Get on the mailing list or check the site for more details once we get them finalized.

When is the Next RISE (Roanoke Information Security Exchange) Meeting?

/ roanokeinfosec

jedi council

We meet every 2nd Thursday of the month at 5:30pm. The meeting location rotates between several local businesses and colleges. Please see below to find out how to get on the email list for the meeting announcements. The meeting locations will also be posted to this site.

What is RISE?

We are a group of Roanoke and NRV Information Security Professionals. We get together the 2nd Thursday every month to discuss current security topics. Meetings are free, usually so is the beer, and they are open to anyone.

How Can I Get Added to the Email List for RISE meetings?

Please send an email to RoanokeInfoSec@gmail.com if you would like to be added to the email notification list.