December – Burp Suite, Part 2, Pro Edition

For December we have asked that Logan Diomedi return and give us an in-depth dive into Burp Suite.  As you may remember Logan gave us a quick overview of Burp Suite back in February and many of you requested more so here it is. 

Logan Diomedi and Burp Suite, Part 2, Pro Edition

Burp Suite is one of the many free tools available in Kali Linux.  Burp Suite allows anyone to test and verify their web applications using various techniques from initial mapping and analysis of an application’s attack surface, to finding and exploiting security vulnerabilities.  In this meeting Logan will show us how he uses Burp Suite in his “Red Teaming” pen tests and how you can use the tool to test your own websites.

December 10th @ 5:30pm; This will be a virtual meeting

Logan’s Bio

Logan Diomedi is a 24-year-old Roanoke native and has been in the Information Security world since his early teens. He currently works as a penetration tester for an offensive information-security firm known as Depth Security, where he performs network, application-based, social engineering, and physical penetration testing. Logan is a Capture-the-Flag & HackTheBox regular, and regularly performs infosec-related research in his spare time. Logan has been a RISE attendee for almost 2 years now and has a passion to bring knowledge and resources to the greater Roanoke information security community.

November 2020 – Hacking a Police Station, From Zero Access to the Evidence Room

Our next RISE meeting is going to be a great one.  Our own Tyler Booth (Hacker Extraordinaire) will be presenting “Hacking a Police Station, From Zero Access to the Evidence Room”.  Tyler will be covering one of his favorite Red Team exercises “Hacking a Police Station”.  During this exercise Tyler used several hacking techniques to move from outside with no access all the way to the evidence room.  The good new for us is that he will be explaining many of these techniques and how he leveraged them. 

The meeting will be November 12th, at 5:30pm via WebEx (WebEx info to be released later).   Looking forward to virtually seeing you all there.

Tyler’s Bio

Tyler Booth is your friendly neighborhood red teamer. He works as a Senior Information Security Consultant at CDW and can never stop hacking things.

To quote Tyler

“I have one cert and wrote a few blog posts on a currently defunct blog (dru1d.ninja). I guess that makes me a bit of an expert, amirite?”

Webcast: “How to Present” [BHIS]

We always ask for new people to step forward and present at a RISE meeting. You bring variety to the group in your experiences and delivery. But maybe you’ve never presented before, or walked away from a bad experience presenting in another forum. You’re looking for advice on how to get back behind the podium. Or you just enjoy an entertaining webcast.

Check out this webcast from Black Hills Information Security titled “How to Present: Secrets of a Retired SANS Instructor”. John Strand and friends share some of their sage advice from combined years of experience presenting to all manner and sizes of audience. These folks speak at the top conferences, face tough criticism, and know when not to drink the water. Anyone would benefit from the lessons they share – why not take advantage of community wisdom?

After you’ve watched the video send us an email at info@roanokeinfosec.com with your presentation topic for our next meeting!

October 2020 – Defense Against the Dark Arts

Our October meeting will be a joint event with the Roanoke-Blacksburg Technology Council. As this is a special event, please note the special date and time and that registration is required

We work tirelessly to bring you a variety of InfoSec content every month. We talk about blue team, identity management, SIEM, and even legal issues. But we know….we know it’s the dark arts you fancy. This month we’re teaming up with our friends at the Roanoke-Blacksburg Technology Council to bring you a double benny:  deep technical content presented by local talent!

Continue reading

Sept – Securing Virtual Desktop Infrastructure

For our next meeting we want to focus on all those remote workers, you know those guys that we kicked out the door in March and April. Now that we have an opportunity to look at what we have done, let’s discuss how well we secured our remote environments? Do you have concerns? Do you have some great ideas to share? This is your time to shine. We want your input and thoughts as we discuss how to secure remote infrastructure. Our speaker well give his thoughts and then we will open it up to discussions and thoughts afterwards.

Meeting time:

September 10th, 5:30 PM, WebEx information will be sent via E-Mail

Presentation summary:

As the COVID-19 pandemic spreads across the US many organizations have reduced their physical employee presence and have moved to a remote workforce. This has resulted in many organizations to hastily provide a remote access solution to their employees. This has also, conversely, increased many organizations attack surface to insider or adversarial activity against their organization. In this talk I will be looking to address common shortfalls of these environments coupled with several war stories and defensive strategies to reduce the exposed risk.

Speaker BIO:

Matt Burch is a seasoned InfoSec veteran with 17yrs of collective experience who has transitioned from defensive to offensive security tactics. This has led Matt to develop an understanding of defensive security challenges in addition to adversarial abuse of these strategies. Matt is a Principle Consultant with Optiv’s Threat Management – Attack and Penetration team. Over the past decade, Matt has fulfilled various Subject Matter Expert (“SME”) positions and currently maintains Optiv’s assessment methodology for Product Security Testing.

August 2020 – Cyber Range Workshop / Defending against hackers on public WiFi networks

Hello all,
We have a great meeting lined up for this month.  Tom Weeks or Tweeks as he is more commonly known has arranged for us to have a little fun at the Virginia Cyber Range.  You won’t want to miss this one!  Meeting time will be Thursday August 13th beginning at 5:30 pm.  We will be covering quite a bit in this interactive session so please try to be on time if possible.
This will be a virtual meeting, with WebEx meeting info coming via email to our subscribers.
See below for more details on the event and for TWeeks Bio….

Tom Weeks (aka “Tweeks”), from Virginia Tech & The Virginia Cyber Range[1] will be giving a hands on, Black Hat / White Hat, Cyber Range Workshop on Defending against hackers on public WiFi networks[2]. Each workshop participant will get a Kali Linux VM and a vulnerable Windows 7 VMs running on the VA Cyber Range, and lab handout simulating a vulnerable laptop on a coffee shop or airport public wifi and how to defend against it.

Before joining Virginia Tech as a ‘Director of Future Technology & Community’, Tweeks spent over 17 years at Rackspace, a technical leader in managed cloud computing solutions. At both Rackspace and Virginia Tech, Tweeks has played key roles in technical innovation & design, as well as technical and STEM community outreach.
As a Cyber Range technical leader, Tweeks helps forge new Cyber Range product features, writes VM exercise & lab content, helps test & design  cloud VM images, and handles VA state educator technical escalations.
In his free time, Tweeks helps run run and organize multiple, local STEM
communities. He provides community workshops[3] on coding, arduino/electronics, robotics, and IT security at both public and Virginia Tech outreach events, and also holds monthly high power rocket launches at VT’s Kentland Farms.[4]

[1] – https://www.virginiacyberrange.org/

[2] – http://vacr.io/airport-hackers

[3] – https://github.com/LetsCodeBlacksburg

[4] – http://nrvr.org/

July 2020 – Password Attack and Defense

We’re back!  RISE is back for the month of July.  Once again, we will be hosting a virtual meeting, but we are hopeful that we will be able to meet in person again very soon.  This month we are going to cover end to end password attack and defense.  So, what does that mean exactly?  First, we will cover how nefarious actors steal your user’s credentials and how they use it, then we will discuss what free tools are available to audit passwords and defend against such attacks.   Topics covered will be things like Hunter.io, Phishing-Frenzy, Password Spraying, Hash-Cat, DPAT, have i been pwned, MFA and others.

This will be a high-level overview of the entire kill chain process however if we determine that more discussion is needed in one area, we will discuss getting it on the calendar for a more in-depth review.  I am looking forward to seeing all of you at the next meeting.  Be on the look out for more information regarding online meeting information.

Meeting scheduled for 5:30 pm, July 9th.  Online meeting details sent via email, please subscribe to the mailing list for more information.

See you all soon

Speaker BIO:

rob

Robert Garbee

Twitter: @robgarbee

RISE: Roanokeinfosec.com

Robert Garbee is a Cyber Security Engineer working for the Carilion Clinic Information Security Department located in Roanoke Va.  In this role, Robert is responsible for performing threat analysis, network assessments and compliance auditing for enterprise network systems located in various locations scattered across Virginia.   He has more than 25 years of experience in information technology and during that time has held positions in information security, information technology and industrial security.   His certifications have included Microsoft Certified Systems Engineer (MCSE), Cisco Certified Network Associate (CCNA) and most recently Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker(CEH).  Robert is also a graduate of Liberty University and holds a Bachelor of Science degree in Business Management Information Security.

As a founder of the Roanoke Information Security Exchange (RISE) Robert has been asked to present to both local business leaders and community service groups.  Additionally, Robert has provided commentary for featured articles in the Roanoke Times and for WSLS News 10 in Roanoke, VA.

Robert can be contacted via the RISE website at Roanokeinfosec.com, or via email at robgarbee@yahoo.com or via Twitter @robgarbee.

 

 

Meeting Notes – April 2020

Sorry for the delay, folks! We’re working to get back up to speed and ensure we keep you up-to-date with our meeting recaps.

Our April virtual meeting was an overview of Software Defined Wide Area Networking (SD-WAN). Johnny Hatfield and Stephen Watkins of Fortinet joined us to discuss the technology, how it is changing networking, and the benefits it brings to network security. Watch the recording on our YouTube channel:

Link to April meeting YouTube video

If you’d like to get in touch with the speakers:

Johnny Hatfield
Fortinet
Major Account Manager
804-852-3786
jhatfield@fortinet.com

References:

SDxCentral – Articles, white papers, and information on SD-WAN and related technologies