This November marks 5 years of Roanoke InfoSec Exchange. What started as a simple idea for a free, informal group discussing InfoSec topics has managed to stay alive and continue to draw interest 5 years later. Looking back, this isn’t a trivial feat. One of, if not the, core principles of RISE is maximum inclusion of attendees in the area. Whether you are a seasoned professional, a student, in another career and looking for a change, or just an enthusiast – we want you to attend and benefit from RISE. “Exchange” means the exchange of knowledge for the improvement of our community and profession. We try to stay true to this principle by keeping meetings informal and free from “sales pitches”. When you come to a RISE meeting you should feel you’re getting honest information and free exchange of ideas.
This couldn’t happen without you. Your attendance, enthusiasm, and participation enables RISE to continue. If you are a RISE “elder”, we thank you for your continued participation in the group. If you are relatively new – welcome! We thank you for joining us and helping continue the spirit of InfoSec Exchange.
With your support we hope to continue bringing the community together for time to come. Thank you for your support to RISE and the local InfoSec community!
For December we have asked that Logan Diomedi return and give us an in-depth dive into Burp Suite. As you may remember Logan gave us a quick overview of Burp Suite back in February and many of you requested more so here it is.
Logan Diomedi and Burp Suite, Part 2, Pro Edition
Burp Suite is one of the many free tools available in Kali Linux. Burp Suite allows anyone to test and verify their web applications using various techniques from initial mapping and analysis of an application’s attack surface, to finding and exploiting security vulnerabilities. In this meeting Logan will show us how he uses Burp Suite in his “Red Teaming” pen tests and how you can use the tool to test your own websites.
December 10th @ 5:30pm; This will be a virtual meeting
Logan Diomedi is a 24-year-old Roanoke native and has been in the Information Security world since his early teens. He currently works as a penetration tester for an offensive information-security firm known as Depth Security, where he performs network, application-based, social engineering, and physical penetration testing. Logan is a Capture-the-Flag & HackTheBox regular, and regularly performs infosec-related research in his spare time. Logan has been a RISE attendee for almost 2 years now and has a passion to bring knowledge and resources to the greater Roanoke information security community.
Our next RISE meeting is going to be a great one. Our own Tyler Booth (Hacker Extraordinaire) will be presenting “Hacking a Police Station, From Zero Access to the Evidence Room”. Tyler will be covering one of his favorite Red Team exercises “Hacking a Police Station”. During this exercise Tyler used several hacking techniques to move from outside with no access all the way to the evidence room. The good new for us is that he will be explaining many of these techniques and how he leveraged them.
The meeting will be November 12th, at 5:30pm via WebEx (WebEx info to be released later). Looking forward to virtually seeing you all there.
Tyler Booth is your friendly neighborhood red teamer. He works as a Senior Information Security Consultant at CDW and can never stop hacking things.
To quote Tyler
“I have one cert and wrote a few blog posts on a currently defunct blog (dru1d.ninja). I guess that makes me a bit of an expert, amirite?”
We always ask for new people to step forward and present at a RISE meeting. You bring variety to the group in your experiences and delivery. But maybe you’ve never presented before, or walked away from a bad experience presenting in another forum. You’re looking for advice on how to get back behind the podium. Or you just enjoy an entertaining webcast.
For our next meeting we want to focus on all those remote workers, you know those guys that we kicked out the door in March and April. Now that we have an opportunity to look at what we have done, let’s discuss how well we secured our remote environments? Do you have concerns? Do you have some great ideas to share? This is your time to shine. We want your input and thoughts as we discuss how to secure remote infrastructure. Our speaker well give his thoughts and then we will open it up to discussions and thoughts afterwards.
September 10th, 5:30 PM, WebEx information will be sent via E-Mail
As the COVID-19 pandemic spreads across the US many organizations have reduced their physical employee presence and have moved to a remote workforce. This has resulted in many organizations to hastily provide a remote access solution to their employees. This has also, conversely, increased many organizations attack surface to insider or adversarial activity against their organization. In this talk I will be looking to address common shortfalls of these environments coupled with several war stories and defensive strategies to reduce the exposed risk.
Matt Burch is a seasoned InfoSec veteran with 17yrs of collective experience who has transitioned from defensive to offensive security tactics. This has led Matt to develop an understanding of defensive security challenges in addition to adversarial abuse of these strategies. Matt is a Principle Consultant with Optiv’s Threat Management – Attack and Penetration team. Over the past decade, Matt has fulfilled various Subject Matter Expert (“SME”) positions and currently maintains Optiv’s assessment methodology for Product Security Testing.
We have a great meeting lined up for this month. Tom Weeks or Tweeks as he is more commonly known has arranged for us to have a little fun at the Virginia Cyber Range. You won’t want to miss this one! Meeting time will be Thursday August 13th beginning at 5:30 pm. We will be covering quite a bit in this interactive session so please try to be on time if possible.
This will be a virtual meeting, with WebEx meeting info coming via email to our subscribers.
See below for more details on the event and for TWeeks Bio….
Tom Weeks (aka “Tweeks”), from Virginia Tech & The Virginia Cyber Range will be giving a hands on, Black Hat / White Hat, Cyber Range Workshop on Defending against hackers on public WiFi networks. Each workshop participant will get a Kali Linux VM and a vulnerable Windows 7 VMs running on the VA Cyber Range, and lab handout simulating a vulnerable laptop on a coffee shop or airport public wifi and how to defend against it.
Before joining Virginia Tech as a ‘Director of Future Technology & Community’, Tweeks spent over 17 years at Rackspace, a technical leader in managed cloud computing solutions. At both Rackspace and Virginia Tech, Tweeks has played key roles in technical innovation & design, as well as technical and STEM community outreach.
As a Cyber Range technical leader, Tweeks helps forge new Cyber Range product features, writes VM exercise & lab content, helps test & design cloud VM images, and handles VA state educator technical escalations.
In his free time, Tweeks helps run run and organize multiple, local STEM
communities. He provides community workshops on coding, arduino/electronics, robotics, and IT security at both public and Virginia Tech outreach events, and also holds monthly high power rocket launches at VT’s Kentland Farms.
I know that it seems that RISE has been out of sorts these past few months and the reality is that you’re not wrong. As you know many members of the core RISE team also serve as key team members on various Cyber teams within their own companies. With the onset of the Covid-19 pandemic we have been laser focused on setting up secure remote workforce solutions and protecting network resources as various attack patterns continue to rise. These efforts have resulted in us not being able to dedicate the time needed to ensure that the RISE presentations that you see are both content rich and well-polished. This is not what we desire nor will we continue down this path. I want to assure you RISE is focused on getting you the content that you need and want.
Each month we want to make sure that each presentation is polished and presented with a knowledgeable speaker. We also want to ensure that each meeting provides members an opportunity to socialize, share experiences and create comradery within the local Cyber community. Lastly, I want to assure you that RISE is not going away or losing steam. Your core team members are still dedicated to getting you presentations that are both relevant and content rich. With that being said, I want to let you know that we will need to cancel this week’s presentation. Due to work related duties we were not able to capture the details needed to ensure a polished presentation. This means that we will move forward with our scheduled presentation for July and it should be a good one. Please stay tuned as we will be sending out details within the next few days.
Again, we are sorry that we have had to cancel this week’s presentation and I promise this is not indicative of things to come, this is merely a small speed bump as we traverse these crazy times.
Stay safe and healthy and we look forward to seeing you all in July.
Due to restrictions on public gatherings, this month’s meeting will be virtual. Web conference connection info will be provided via the RISE Email List.
For May we will be presenting on the Good, the Bad and the Ugly of Multi-Factor Authentication or MFA. Seems these days we hear that the solution to all of our remote authentication woes is to deploy MFA. However how easy is it? Some might say it’s super easy, while others have concerns. In this session we will hash out those concerns, discuss success stories and discover some interesting things that the vendors don’t always tell you about. Join us this Thursday May 14 th at 5:30 online to engage in discussion and learning.
We will be meeting at ECPI (thanks Mike) in Roanoke on March the 8th at 5:30 pm. Our speaker will be Allen Surface from World Wide Technology, Inc. Allen will be discussing next generation WAN branch architecture with a focus on security. I spoke to Allen briefly about this methodology and it is honestly quite amazing. If you are a blue teamer responsible for protecting your network you should attend this session, if you are in management and are looking for ways to provide value to your security program, you should attend this session. Ahh heck, just come to the session. I have even included a MS Calendar appointment.
Disclaimer: This session will be vendor agnostic so if your planning on being sold something you won’t find it here.
Anyway, here are the details…
5234 Airport Rd NW #200
Roanoke, VA 24012
March 8th, 2018, 5:30 PM
Topic: Next Generation Wide Area Network (WAN)
Topic Summary: This session will briefly cover next generation WAN branch architecture with a focus on security. The networking industry is quickly transforming. To support digital business, infrastructure and operations leaders for networking must transform their networks from a fixed environment to an agile and intelligent environment that provides visibility and advanced security controls across the wide area network.
BIO: Allen has 20+ years working in the IT industry and now works at World Wide Technology (WWT) as a Consulting Solutions Architect where he focuses on SD-WAN, Security, and Cisco DNA. He has experience consulting in various verticals including large pharmaceuticals, defense contractors, retail, and healthcare.