Meeting Notes – Certificate Authority – Experiences, Tips, and Recommendations

Lee Berdick addresses the November RISE meetingAfter a rough two-month hiatus due to weather, RISE swung back into action with a packed November meeting. Thanks to everyone in attendance and to ECPI University Roanoke for hosting the event! Continue reading

Advertisements

Meeting notes – ‘Attacking the Gatekeeper’

This week RISE welcomed Harrison Neal (PatchAdvisor) via video conference to talk about two vulnerabilities he discovered in the RSA authentication agent for IIS. Thanks to R&K Solutions for hosting the event!

RISE meeting photo

Harrison’s was a tale of accidental findings, curiosity, and persistence. Some odd language he found while working on an unrelated task provided a tantalizing thread to pull. Over the next few months, he spent his spare time fuzzing, analyzing encryption schemes, and reading up on named pipes to convert that accidental finding into two CVEs: CVE-2018-1232 and CVE-2018-1234.

The brief exemplified many qualities of successful vulnerability analysis. A curious eye caught an oddly-worded statement. Data gathering ensued using a methodical approach and a common tool set to look for known vulnerabilities, patterns, or unusual signatures as starting points for research. Researching vendor documentation to understand the systems and look for additional attack vectors. Perhaps most importantly – persistence in spending many hours of personal time in trial-and-error working towards a solution. Even if his work hadn’t resulted in two findings, Harrison likely picked up additional knowledge and techniques in the journey for future application.

RISE meeting photo

RISE thanks Harrison for sharing his story with our members. Do you have an idea for an upcoming meeting? Share your stories or expertise! Reach out to us at roanokeinfosec@gmail.com.

May 2018 – Attacking the Gatekeeper

exploits_of_a_mom-xkcd

(source: xkcd.com; Don’t forget Mother’s Day!)

It’s scheduled! Mark your calendars to join us on May 10th at R&K Solutions for more experts sharing their trade craft. Harrison Neal, Security Engineer with PatchAdvisor, joins us to present a couple of (now patched) vulnerabilities he reported in the RSA authentication agent for IIS. If you’re interested in vulnerability research and details you’ll want to be at this meeting. Come for the tech, stay for the networking and refreshments!

Date and Location:
May 10th, 2018 @ 5:30 PM

R&K Solutions
2797 Frontage Rd NW
Roanoke, VA 24017
Google Maps Link

Topic: Attacking the gatekeeper: RSA’s Authentication Agent for IIS

Summary: This presentation will discuss two vulnerabilities recently discovered and patched in RSA’s software to enable two-factor authentication in IIS-hosted web applications. These vulnerabilities could enable an unprivileged domain user to impersonate other users, or crash IIS. While the vulnerabilities are fairly straightforward, there are some peculiarities that will be explored, such as exploiting one vulnerability through a named pipe rather than typical IP sockets. The presentation will also review known available mitigations for administrators.

Speaker Bio: Harrison Neal alternates between pentesting and security research roles, primarily around the DC metro area. His free time is typically spent metaphorically poking bears, enjoying the company of cats, playing Pokemon Go, or getting locked in Shenandoah National Park after hours.

Cyber Security Forum: Web Service Security Best Practices

cyber-security-aug17_post-image

Hello all, this month’s RISE meeting will be a little different, in fact it’s going to be a lot different.  This month we are doubling up with the RBTC.  The RBTC will be hosting a Cyber Security Forum highlighting Web Service Security Best Practices on Tuesday August 8th from 5:30pm – 7:30pm at Virginia Western Community College.  The speaker will be Adam Memisyazici from Virginia Tech.

Not only will this provide a great opportunity to learn more about Web Security but this also provides a great opportunity to rub elbows with likeminded technologist from the Valley.  Please keep in mind that unlike our meetings the RBTC actually needs to you register for this event.  Click on the link provided and register quickly.  Also there is a minor cost to attend but they probably have better snacks and drinks than we do so it’s probably worth it.  In any case, if you can make it I encourage you to attend.

Lastly, I want everyone to understand that that this will not be the norm for us but I do feel that it is a good fit for us this month.  If this works perhaps we will do again sometime in the future, if it doesn’t, well we gave it a shot.   I have provided additional details below.  Please check them out.

 

Link to register for the RBTC event and location info.

https://rbtc.tech/2017/07/cyber-security-forum-august-8/