July and August Recaps

August 19, 2016 / Adam Twitty

After the whirlwind lock picking meetup in June our updates promptly fell off the face of the Earth. Time to remedy that...

Date: July 19, 2016

Presenter: Ralph Collum

Ralph took us on a journey through the perils of our privacy on the inter-webs. After going through the perils we got a lesson in opting out and other methods to reduce our digital footprint. His meme-tastic slide deck and link set can be found here.

July Intro Slides

July Presenter Slides

https://drive.google.com/open?id=0B0segbpNn2mBS3F3OHRQRXhHTHM

Date: August 16, 2016

Presenter: Trey Funderburk

Hot off a Mr. Robot appearance the week before, OpenWRT was the presentation topic for August. Trey gave us an outstanding primer to what OpenWRT is and what it can be used for. Trey's talk showed specific use cases of how powerful and customizable OpenWRT can be. Trey’s slide deck can be found here.

August Intro Slies

Presenter Slides

https://drive.google.com/file/d/0B0segbpNn2mBY3cxZVI4Y1BJOGhXaU92bWpGbkNnbjdfYk9j/view?usp=sharing

Comment 1 Likes

June 21st Meetup Recap

June 25, 2016 / Adam Twitty

What happens when you invite LockFale from North Carolina to join ColaSec for a lock pick village?

Record Breaking attendance, solid lock picking knowledge and Adam with an epic handcuff escape story!

Justin Nordine and Matt Block of LockFale joined us and brought an impressive lock pick village to play in. We learned about physical security and had a chance to try and pick tons of different lock types. Check out the Gallery here. This was one of our biggest turnouts for a meetup with 25 attendees. We want to thank LockFale for doing an awesome job and thanks to all of you for making it out to a great ColaSec meeting.

Once LockFale headed back across state lines, we had a chance to practice what we learned in the bonus round. Somebody “accidentally” double locked the handcuff with the “practice wrist” to Adam. We put all of our lock picking skills to the test then promptly went to find a power drill. After an epic lock pick session that would make an OSHA representative jump off a building, Adam was free! Thank you LockFale.

1 Comment 0 Likes

June 21st Meetup

June 17, 2016 / Adam Twitty

LockFale

Eventbright signup

Our next meetup is this Tuesday, June 21st at 6:00 PM at the USC/Columbia Technology Incubator. Details (http://www.colasec.org/how-to-find-us/)

Our agenda includes our “normal” intro plus some intel on SANS SEC501: Advanced Security Essentials –Enterprise Defender from Corey. Josh went to Myrtle Beach to the Techno Security & Forensic Investigation Conference plus got smoked at NetWars competition. After the intro we have the lock sport group LockFALE from North Carolina joining us and putting on a lockpick village. If you have interest in learning lock picking or want to hone your skills on some cool practice gear, join us Tuesday.

FALE — FALE Association of Locksport Enthusiasts

FALE came together around a common idea of general curiosity and persuasion of the public’s “right to know”. Formally founded in early 2010, the individuals involved in the initial organization already had a history in and love for the practice of locksport and of having a better understanding of the mechanisms we rely on so heavily to keep us secure. Beginning with four members meeting monthly, we have quickly progressed to bi-monthly meetings attended by 15 or more individuals. We talk locks, picks, general security and a smattering of other topics when meeting all towards the end of a better knowledge of and ability to communicate the effectiveness (or lack thereof) of so many security measures in place in current society. We hope that through these conversations and our efforts publicly we will help to educate the larger community on the proper use and understanding of locks and security measures encountered daily.

FALE will be hosting a Lockpick Village where folks can come by to talk about physical security, learn to pick locks or talk about advanced picking techniques and tips. Plenty of locks and spare picks to play with, so be sure to stop by!

http://lockfale.com

Comment 0 Likes

April 19, 2016, meetup agenda - Fire Talks

April 12, 2016 / Timothy De Block

Taken at BSides Nashville by Timothy De Block

Eventbright signup

Our next meetup is a week from today, April 19, 2016, starting at 6:00 PM at our new location, the USC/Columbia Technology Incubator. Details are located on our site (http://www.colasec.org/how-to-find-us/). If you have any questions on how to get there respond to this thread or contact Adam directly.

Our meetup agenda will include our usual intro plus a recap of BSides Nashville.Then we'll move into our four 15-minute Fire Talks for the evening.

Fire Talks

The Powerup your attacks with PowerShell - Ralph Collum

Abstract: We will cover a few PowerShell basics to get everybody warmed up. Then we will explore the hacking methodology starting with reconnaissance and moving through to Post Exploitation using PowerShell.

Using network flow records for good - Jeff Lang

Abstract: As part of real-time traffic monitoring and historic forensic investigations, Network Flow records can be an invaluable asset. Flow records are summary data about all the network traffic that is passing through your network devices to answer questions such as how many hosts are talking, whois is talking to whom, and how often? The main purpose of this FireTalk is to discuss common incidents that might occur on a network and show example Network Flow data for those incidents.

Cyber Horoscope of 2016 with a Focus on Ransomware - Jasun Tate

Abstract: A unorthodox approach at securing an organization from 12 positional facets, with an highlight on strategy deployment from the below:

Threat Intelligence Manager
Backup Manager
CXO
CISO
Front End Developer
Compliance Director
Human Resources
Configuration Manager
Internal Audit
Fraud Examiner
Patch Manager

Fire Talk abstract slacker - Adam Twitty

Abstract: One of the fundamental problems with using the internet is that you don't know where it's been. Who owns the wire, the switch, the router, the server once data leaves your network? How do we protect this information?

This talk will explore the various methods and protocols that we use every day to protect our information and make sure that we know who we are talking to. You'll also learn what the difference is between encoding, hashing, and encryption. Finally we'll explore some of the more obscure ways of obfuscating data that you might not have heard of before.

I'm looking forward to seeing you all there!

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda, Fire Talks, infosec, Ransomware, PowerShell, SOC

Hacky Easter challenge

April 05, 2016 / Adam Twitty

On March 30, four of us got together at Grapes & Gallery to try our hand at Hacking-Lab's Hacky Easter challenge. We got through 5 of the 24 challenges before being completely stumped by a Bluejay. But we did have a lot of fun working through the challenges.

If you'd like to join us, you can sign up on the site for free. The challenge includes simple buddy mechanism so you can see how far we've gotten (and how much catching up you have to do!) Our usernames are:

Ndecizion
Coreyoliseffect
paladin_of_pubs
rob0101

We do plan on going back out for a second crack at it. Keep an eye on the list-serve for dates and times. Come join us!

Comment 0 Likes

March 15, 2016, meetup wrap-up

March 18, 2016 / Timothy De Block

We had a really good meeting for our last ColaSec meeting at IT-ology. We set a record for attendance with 22 people showing up for Tuesday's meeting. Josh Huff also gave an excellent talk on OSINT. His slides can be found here. The recording of the meetup can be found below.

We're excited for the opportunity to look for a new venue. We hope to have something locked up in early April if not sooner.

Comment 0 Likes

categories / Meetup
tags / infosec, OSINT, meetup

March 15, 2016, meetup agenda

March 09, 2016 / Timothy De Block

This month one of ColaSec's own, Josh Huff, will put on a presentation regarding Open Source Intelligence (OSINT).

Abstract: Open Source Intelligence – OSINT: The tools and some uses

Open Source Intelligence is defined by the Army as an intelligence discipline that pertains to intelligence produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence and information requirement. That’s a pretty intense way to say that once we find the Open Source Information we use it for a specific purpose. My talk will show you some of the purposes for finding Open Source intelligence and the tools we use to gather it. OSINT is everywhere… for example what information can we pull from a social media post showing a great deal at the gas pump? How bad are those pictures of debit cards where people obscure some of the digits on their card? What can we learn from the Internet of things and what can we do to protect ourselves from leaking this information all over the place? The bonus round includes locating places that our heroes from The Walking Dead snuck around when filming in Atlanta.

Join us for networking from 6:00 - 6:30 at IT-ology. Then the OSINT presentation by Josh Huff beginning at 6:30. Food and beverages will be available. We look forward to seeing you there!

Comment 0 Likes

tags / Meetup Agenda, OSINT

February 16, 2016, meetup wrap-up

February 18, 2016 / Timothy De Block

We had a wonderful meetup this past Tuesday. Csilla Farkas came and gave an awesome presentation on data analytics and privacy. One of the things to come out of the presentation was Latanya Sweeney's work:

Abstract

Alice goes to the hospital in the United States. Her doctor and health insurance company know the details ― and often, so does her state government. Thirty-three of the states that know those details do not keep the information to themselves or limit their sharing to researchers [1]. Instead, they give away or sell a version of this information, and often they’re legally required to do so. The states turn to you as a computer scientist, IT specialist, policy expert, consultant, or privacy officer and ask, are the data anonymous? Can anyone be identified? Chances are you have no idea whether real-world risks exist. Here is how I matched patient names to publicly available health data sold by Washington State, and how the state responded. Doing this kind of experiment helps improve data-sharing practices, reduce privacy risks, and encourage the development of better technological solutions.

There's not really much to report. I will have some pictures up in the gallery soon. It was a really fun night with a really good talk.

Recording of the meetup:

Comment 0 Likes

categories / Meetup
tags / privacy, data analytics

February 16, 2016, meetup agenda - privacy and big data analytics

February 08, 2016 / Timothy De Block

We are very excited to have Csilla Farkas an Associate Professor at the Department of Computer Science and Engineering and Director of the Center for Information Assurance Engineering at the Unviersity of South Carolina with as for our next meetup. She will be presenting on privacy issues in the context of big data analytics. An Abstract and more about Csilla can be found below.

Come out for a great talk, infosec fellowship, food, and adult beverages. We meet every third Tuesday at IT-ology at 6:15 p.m. Check out our directions page for how to get to IT-ology and the meeting room.

Abstract

This talk investigates the privacy issues in the context of big data analytics. The need to support data-driven decision making led to the development of sophisticated technologies to collect and analyze large data sets. However, this useful means of analyzing data comes at a cost: sensitive data may be disclosed and individuals' privacy may be violated. Enterprises, organizations and government agencies collect and analyze vast amounts of data with and without the individuals' knowledge. Even if the raw data is properly sanitized, the result of the analysis may reveal information about specific individuals. Privacy preserving data mining methods have been developed to provide useful analytics without violating users' privacy. However, these privacy preserving approaches are still limited with respect to the security problem when data mining results are combined with external knowledge to create security violations. This talk shows some promising approaches that use semantic web technologies 1) to detect undesired inferences due to combining external knowledge with data mining results and 2) to enable individuals (data suppliers) to specify and evaluate privacy preferences in the context of big data analytics.

Bio

Csilla Farkas is an Associate Professor in the Department of Computer Science and Engineering and Director of the Center for Information Assurance Engineering at the University of South Carolina . Dr. Farkas’ research interests include information security, data inference problem, financial and legal analysis of cyber crime, and security and privacy on the Semantic Web. She is a recipient of the National Science Foundation Career award. The topic of her award is “Semantic Web: Interoperation vs. Security – A New Paradigm of Confidentiality Threats.” Dr. Farkas actively participates in international scientific communities as program committee member and reviewer.

Csilla Farkas received her PhD from George Mason University, Fairfax. In her dissertation she studied the inference and aggregation problems in multilevel secure relational databases. She received a MS in computer science from George Mason University and BS degrees in computer science and geology from SZAMALK, Hungary and Eotvos Lorand University, Hungary, respectively.

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda, data analytics, privacy

January 19, 2016, meetup wrap-up

January 21, 2016 / Timothy De Block

Nice turnout for tonight's meeting! pic.twitter.com/lDsbFO4GsM
— Cola InfoSec (@cola_sec) January 19, 2016

We had a really good meeting to kick off 2016. We defined some goals for 2016 including, but not limited to:

malware analysis and reverse engineering
MOAR CTFs
Wireless hacking

Then Josh gave a presentation on OSINT, using me as the target. Here are some of the resources he used:

These are some of the links to the facebook OSINT techniques from Michael Bazzell's website I mentioned in my talk last night.
This is a 75 minute demo where he teaches you the basics of OSINT on facebook
https://inteltechniques.com/intel/demo-FB.html

This is the custom facebook search link that includes the PIPL/API search that I've found usually yields some decent information on most targets:
https://inteltechniques.com/intel/OSINT/facebook.html

Finally, we got into the SANS Holiday Hack Challenge. We had some connection issues and didn't get very far, but we definitely had some fun.

I figured out how hard it is to get scapy on Windows 10.

Here's the recording of our meetup.

1 Comment 0 Likes

categories / Meetup
tags / infosec, CTF, OSINT

January 19, 2016 meetup agenda - Gnome in your Home and OSINT

January 12, 2016 / Timothy De Block

Hello 2016!

We're kicking of the first meeting of the New Year with some OSINT and a hacking challenge.

The plan for this month's meetup, January 19th, 2016, is simple: somplete the SANS Holiday Hack Challenge. The competition might be over, but the fun is still available online. Bring your computers and get ready to have some fun as we work our way through the challenges.

Before that thought, Josh will be giving a short OSINT presentation on yours truly. That's right I told Josh to go find the most embarrassing or most controversial thing online for me.

All that and more for this month's meetup. The fun begins at 6:30 p.m. at IT-ology.

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda, SANS, CTF

December 15 meetup agenda at the Flying Saucer

December 07, 2015 / Timothy De Block

We've decided to do the same thing we did last year for our December meetup. We will be going to a restaurant to enjoy some food that is not pizza, drinks, and some casual infosec discussion. This year we're going to head to the Flying Saucer Draught Emporium in downtown Columbia.

We've submitted some infosec related questions for trivia. If you wish to participate in trivia we recommend getting to the Flying Saucer by 7:00 p.m. We hope to see everyone there.

Comment 0 Likes

categories / Meetup
tags / meetup, Meetup Agenda, December, infosec

November 17, 2015, meetup wrapup

November 19, 2015 / Timothy De Block

We had an excellent Ask Me Anything with the Catalyst AKA Micheal Santarcangelo. We covered a couple different topics including policy design, passwords, approaching leadership, and much more. Thanks again to Michael for taking time out of his busy schedule to attend the meeting.

Next month we will be doing a more relaxed meetup. We are going to move to a restaurant for dinner, drinks, and some casual discussions on security (among other topics). We will have details soon and hope you can join us.

Comment 0 Likes

tags / infosec, leadership, communication

November 17, 2015, meetup agenda - Catalyst AMA

November 10, 2015 / Timothy De Block

This month Michael Santarcangelo will be joining us for an Ask Me Anything (AMA AKA Q&A AKA Question & Answer) at our November 17, 2015, meetup. Michael currently resides in Myrtle Beach. He contributes regularly to the Security Weekly and the Down the Security Rabbit Hole information podcasts. He's also a contributing editor to CSO online.

His focus is developing exceptions leaders and powerful communicators for the information security community. Check out his website at securitycatalyst.com.

BSides Charleston is this Saturday, November, 14, 2015. Several members of ColaSec plan to be there for the event. We will have short wrap-up on the conference during the opening introductions.

Festivities begin at 6:30 p.m. at IT-ology.

1 Comment 0 Likes

tags / Meetup Agenda, BSides Charleston, Michael Santarcangelo, Leadership, Communication, infosec

October 17, 2015, CTF wrapup

October 19, 2015 / Timothy De Block

ColaSec held its first ever capture the flag event this past Saturday. A huge shoutout goes to Ralph Collum and Training Concepts for making the event possible. Ralph pretty much picked up the idea of a CTF event and ran with it for a touchdown. Also a shoutout to Jeff Lang for doing the Tuesday presentation on CTF basics.

We peaked at 10 people participating during the event and had six people stay for the entire four-hour event. It was a valuable experience that everyone seemed to enjoy. We plan to do more of the events in the future. Right now we're looking at doing them twice a year. Stay tuned for more details.

Here are some thoughts and links from Ralph:

"ColaSec participated in its first CTF this past Saturday. It was a great opportunity to learn some new skills and tools as everyone could learn some new ways to compromise machines and technologies. This was a great opportunity to engaged in learning as oppose to strict lecture and presentations. There were a variety of challenges in the machines everything from web applications, password cracking, forensics and crypto. The list of VM’s available for compromises are listed below in order of target’s assigned to everybody at the meetup. These types of events are actually a critical element of the security professional’s development, helping to build and maintain skills essential to the protection of our institutions. These events offer a more practical way to learning about vulnerabilities and threats and help the individuals participating in them build their skillset and sharpen their tools in testing and assessing networks are services. Most of the CTF exercises follow a common methodology of attacks, which include recon/footprinting, scanning, system hacking/exploitation, post exploitation/privilege escalation, and then finally gaining root level access to the environment. Hopefully, the most important thing that came out of the CTF was that everybody got an opportunity to learn something new and possible find a new way to look at and understand the threats out there. Finally, even though it might seem like some of the challenges were tough through practice, patience, and dedications these CTF’s can be invaluable to the improvement and development of skills in information security."

VM Target #1: https://www.vulnhub.com/entry/de-ice-s1100,8/
VM Target #2: https://www.vulnhub.com/entry/de-ice-s1120,10/
VM Target #3: https://www.vulnhub.com/entry/de-ice-s1140,57/
VM Target #4: https://www.vulnhub.com/entry/pentester-lab-electronic-codebook-ecb,67/
VM Target #5: https://www.vulnhub.com/entry/tr0ll-1,100/
VM Target #8: https://www.vulnhub.com/entry/pentester-lab-xss-and-mysql-file,66/

I've created an events gallery which features some pictures from the CTF event.

Our next meetup will be November 17, 2015. I've confirmed that the security catalyst, Michael Santarcangelo, will be joining us.

Comment 0 Likes

categories / Events
tags / CTF, infosec

October 13, 2015, meetup wrapup - The CTF is coming.

October 14, 2015 / Timothy De Block

Jeff Lang giving a presentation on what one needs to participate in a CTF

We had a wonderful meetup with a couple of new faces.

Before we get to the recap, reminder that this Saturday October 17, 2015, we will be doing our first group CTF at Training Concepts. The address:

250 Berryhill Rd # 502, Columbia, SC 29210

Details are on our "Upcoming Events" page.

Onto the meetup. Josh gave a recap of DerbyCon and then Jeff went over some basics for participating in a CTF. His slides are available here: https://drive.google.com/open?id=16QyVo3UUOTMQyiZqAzBuLp2a_mDP9inkMWNj3JKMXwU

We did a Google Hangout again of the entire meetup if you're interested in watching the presentation.

We look forward to seeing everyone at the CTF Saturday.

Comment 0 Likes

categories / Meetup
tags / infosec, CTF

October 13 and 17, 2015, meetup agenda

October 06, 2015 / Timothy De Block

This month we will be putting on our first CTF event for ColaSec. We will meet October 13, 2015, at 6:30 p.m. at IT-ology for a CTF primer. The primer will be facilitated by Jeff and we'll walk through some basics and ensure Kali and other tools get installed on CTF machines.
Prior to all that Josh will give a presentation on his experiences at DerbyCon.

Schedule and requirements:

October 13 meetup - CTF Primer - IT-ology 6:30 p.m. - 9:00 p.m.

If you have problems loading Kali we can address them at the meeting. Here is a list of other programs that may be useful for the CTF:

nmap
netdiscover
nikto or wikto
wireshark
some form of ssh client
password cracker(online and offline)
netcat
dirbuster
some proxy
cookie editor
steganalysis tool(stegdetect or stegspy)
hex editor
picture viewer(infanview)
debugger(ollydb)
malware analysis(IDA, PEiD, PEView, PEScanner.py)
sqlmap

We will figure out teams at the Tuesday meetup as well.

October 17 CTF - Training Concepts - 1 p.m. to 5 p.m.

Ralph is putting together the CTF using VulnHub. He plans to have 3-4 local VMs with 1-2 additional online CTFs.

We will be at Training Concepts for the actual CTF on Saturday.

250 Berryhill Rd # 502, Columbia, SC 29210

Bring your Kali-loaded laptops or just bring yourself. There will be computers available for people who don't have a laptop to use for the CTF.

Comment 0 Likes

categories / Meetup
tags / infosec, CTF, Meetup Agenda

IT-ology Trends 2015

October 01, 2015 / Timothy De Block

Technology is driving business at an unprecedented speed. But, on an almost daily business, cyber security breaches or hacks are taking place throughout the world. So, how do you protect your business, your family, your self? Join us for Trends 2015 as we explore the important topic of cyber security. Presentations will range from trending topics in cyber security to new technologies. This is a must attend event for C Suite, citizens and technologists!

| Wed,October 28th | IT-oLogy | 1301 Gervais St., Columbia

Morning Keynotes Include:

Creating a Culture of Cyber Security, Michael Kaiser, National Cyber Security Alliance

Did you know it’s National Cyber Security Awareness Month (NCSAM)? Securing the internet is a responsibility we all share, and NCSAM is intended to provide all digital citizens with the resources they need to protect themselves and others online. Learn about how we start to create a culture of cyber security as we have with other issues such as recycling.

South Carolina's Cyber Landscape and Opportunities, General Les Eisner, University of South Carolina

Lessons Learned from Ashley Madison, Jim Salter, Openoid

38 million accounts and 9.7 million credit card transactions from the notorious adultery site leaked this year. How does this affect you? Probably more than you think, whether you were in AM's databases or not. Learn how to manage your data - and its inevitable exposure - in the harsh reality of the internet era.

But It Disappeared!

What REALLY happens when you use apps (such as SnapChat)? Demonstration by top forensic specialists.

Afternoon Sessions:

Citizen

How to Make Your Home and Family Cyber Safe, Michael Kaiser
Passwords in the Internet Age, Jim Salter, Openoid
So You've Been Hacked,Juliana Harris,SC Department of Consumer Affairs

Business

Learn how to put together a cybersecurity plan for your business, how to manage potential issues and more.

Speakers include:
Michael Santarcangelo
Adam Anderson
Greg Meetze,SLED
Jarrett Coco, Nelson Mullins Riley & Scarborough

Technologists

Low Cost Tools for Security Challenges, Timothy De Block, ColaSec
Application Security, Bruce Jenkins, HP
Simple Hacking Techniques Anyone Can Use, Mark Baggett,SANS Institute

Register

Comment 0 Likes

categories / Conference
tags / infosec, IT-ology

September 15, 2015, meetup wrap-up - frameworks for securing things

September 16, 2015 / Timothy De Block

We had an excellent meeting this month. About 14 people showed up and participated. We had a lot to talk about with BSides Augusta happening Saturday, the CTF planning for next month, and the usual infosec news. After that, Ralph Collum gave us an excellent talk on security frameworks and how to choose the best one. We finished with some videos from J4vv4d.

Next months meetup will be slightly different. We're planning to do two days. We'll meet our usual Tuesday, October 13, 2015, but we're also going to meet the following Saturday, October 17, 2015, for some capture the flag (CTF) fun. Details to come soon.

Comment 0 Likes

categories / Meetup
tags / infosec, CTF, security framework

September 15, 2015, meetup agenda - Security Frameworks

September 08, 2015 / Timothy De Block

It's looking like the September meetup is going to be jam-packed month for the ColaSec user group. We will wrap-up BSides Augusta, talk about the October CTF, and have a presentation on security frameworks.

BSides Augusta is this Saturday, September 12, 2015, in Augusta Georgia. It is one of the best well run BSides events out there and I highly recommend the event. Did I mention I'll be speaking at the event? The event is sold out, but has a waiting list. They've recently released some tickets, so who knows.

We're planning a CTF event for October. We will have a Tuesday primer meetup followed up by a CTF competition on the following Saturday. If you would like to participate fill out this Google survey and let us know what weekend in October works best for you: http://goo.gl/forms/ULuA1Jt3im

Finally, we're planning on having a presentation on security frameworks for this months meetup. If you have to decide on a framework for your organization, which one is the best one for your organization?

Comment 0 Likes

categories / Meetup
tags / infosec, security framework, CTF, BSides Augusta