Join us this Tuesday March 21st at the USC incubator. Food, Drinks and InfoSec start at 6pm. All are welcome. This month Ralph Collum will be teaching us about Becoming a Cyber Warrior:
This presentation encompasses most aspects of what Information Security professionals deal with on a daily basis. It is also heavily focused on what I think is important to finding and maintaining a career as an information security professional.
Note: Audio has echo near end of video. Presenter's slides are available below.
Last month Dr. Csilla Farkas joined us again to talk Security and the Internet of Things. Dr. Farkas provided us with an engaging and interactive talk about an increasingly entertaining InfoSec topic.
Are you living in a smart home? Are you using smart devices to monitor your health? Is your organization considering to increase automation for sensing and controlling operations? While the concept of Internet of Things (IoT) may mean different things to different people, there is a common theme: the need for cybersecurity. The key security challenges are focused on three areas: 1) device vulnerabilities, 2) communication security and trust, and 3) data integrity, security, and privacy. In this talk I present a semantics-based approach to support IoT data integration and security.
The first ColaSec meetup of 2017 is Tuesday January 17th. Join us at 6PM for food, drinks and infosec at the USC Incubator.
Tim DeBlock joins us remotely from Nashville to talk about building an Application Security program:
Management wants a security program setup in the software development life cycle (SDLC). You have very little programing experience. What do you do? This talk will walk through the experience and process of setting up security in a waterfall and agile SDLC, with very little programming experience. We will walk through the high level strategy and dig into some of the resources available to build out a program. We will also cover the successes and lessons learned I’ve had building an application security program from scratch. This talk is for those looking to make an impact in the SDLC.
Thursday December 15th, ColaSec will be meeting at Conquest Brewery at 6pm. Conquest will be tapping our ColaSec custom brew a Scotch Ale called Brewt Force. We will have pulled pork (un-sauced so bring your favorite sauce) with several pot luck sides. December is our informal meetup so bring your friends and family. We have no set speakers or agenda, just show up and help us celebrate another great year of ColaSec as we look forward to an even better 2017.
Malware Analysis with Dan Boynton
ColaSec had an excellent representation at B Sides Charleston over the weekend. Ralph Collum and Josh Huff both gave talks at the conference and several of our members attended the 2 training events as well. Join us 6pm at the Incubator (EventBrite page here). Professional or enthusiast, all are welcome!
David Guirl and Trey Egan present:
Micro$oft LAPS (Local Admin Password Solution)
Join us tonight (10/18/16) 6pm at the USC Incubator. Tonight's agenda includes a quick recap of Louisville antics at Derbycon, updates on our December meetup party plans, and In The News round table discussion. Then David and Trey will present on Security with Microsoft LAPS (Local Admin Password Solution).
ColaSec is for anybody with an interest for Information Security in the Columbia area. Professional or enthusiast all are welcome. Food and Drinks provided as usual...See you there!
Bsides Augusta recap and Josh's DerbyCon Practice Run
Join us this Tuesday the 20th for our September meetup at the Incubator. A handful of members hit the road and went to B Sides Augusta. We watched Lockfale anger the NSA, saw some excellent speakers and attacked Chiron's Pyramid Capture The Flag. (One of our member's may have won an awesome prize as well)
After the B Sides recap, Josh Huff will give us a practice run of his DerbyCon talk - What I Learned by Being an OSINT Creeper. This talk will be given at Derbycon in Louisville in the stable track and was also picked up by B Sides Charleston in November. Josh welcomes any feedback you have as he makes his final adjustments before presenting in Kentucky. Talk outline from Derbycon site - https://www.derbycon.com/events/open-source-intelligence-what-i-learned-by-being-an-osint-creeper/
Food and Beverages start at 6PM. Registration on EventBrite page here.
After the whirlwind lock picking meetup in June our updates promptly fell off the face of the Earth. Time to remedy that...
Date: July 19, 2016
Presenter: Ralph Collum
Ralph took us on a journey through the perils of our privacy on the inter-webs. After going through the perils we got a lesson in opting out and other methods to reduce our digital footprint. His meme-tastic slide deck and link set can be found here.
July Presenter Slides
Date: August 16, 2016
Presenter: Trey Funderburk
Hot off a Mr. Robot appearance the week before, OpenWRT was the presentation topic for August. Trey gave us an outstanding primer to what OpenWRT is and what it can be used for. Trey's talk showed specific use cases of how powerful and customizable OpenWRT can be. Trey’s slide deck can be found here.
What happens when you invite LockFale from North Carolina to join ColaSec for a lock pick village?
Record Breaking attendance, solid lock picking knowledge and Adam with an epic handcuff escape story!
Justin Nordine and Matt Block of LockFale joined us and brought an impressive lock pick village to play in. We learned about physical security and had a chance to try and pick tons of different lock types. Check out the Gallery here. This was one of our biggest turnouts for a meetup with 25 attendees. We want to thank LockFale for doing an awesome job and thanks to all of you for making it out to a great ColaSec meeting.
Once LockFale headed back across state lines, we had a chance to practice what we learned in the bonus round. Somebody “accidentally” double locked the handcuff with the “practice wrist” to Adam. We put all of our lock picking skills to the test then promptly went to find a power drill. After an epic lock pick session that would make an OSHA representative jump off a building, Adam was free! Thank you LockFale.
Our next meetup is this Tuesday, June 21st at 6:00 PM at the USC/Columbia Technology Incubator. Details (http://www.colasec.org/how-to-find-us/)
Our agenda includes our “normal” intro plus some intel on SANS SEC501: Advanced Security Essentials –Enterprise Defender from Corey. Josh went to Myrtle Beach to the Techno Security & Forensic Investigation Conference plus got smoked at NetWars competition. After the intro we have the lock sport group LockFALE from North Carolina joining us and putting on a lockpick village. If you have interest in learning lock picking or want to hone your skills on some cool practice gear, join us Tuesday.
FALE — FALE Association of Locksport Enthusiasts
FALE came together around a common idea of general curiosity and persuasion of the public’s “right to know”. Formally founded in early 2010, the individuals involved in the initial organization already had a history in and love for the practice of locksport and of having a better understanding of the mechanisms we rely on so heavily to keep us secure. Beginning with four members meeting monthly, we have quickly progressed to bi-monthly meetings attended by 15 or more individuals. We talk locks, picks, general security and a smattering of other topics when meeting all towards the end of a better knowledge of and ability to communicate the effectiveness (or lack thereof) of so many security measures in place in current society. We hope that through these conversations and our efforts publicly we will help to educate the larger community on the proper use and understanding of locks and security measures encountered daily.
FALE will be hosting a Lockpick Village where folks can come by to talk about physical security, learn to pick locks or talk about advanced picking techniques and tips. Plenty of locks and spare picks to play with, so be sure to stop by!
Our next meetup is a week from today, April 19, 2016, starting at 6:00 PM at our new location, the USC/Columbia Technology Incubator. Details are located on our site (http://www.colasec.org/how-to-find-us/). If you have any questions on how to get there respond to this thread or contact Adam directly.
Our meetup agenda will include our usual intro plus a recap of BSides Nashville.Then we'll move into our four 15-minute Fire Talks for the evening.
The Powerup your attacks with PowerShell - Ralph Collum
Abstract: We will cover a few PowerShell basics to get everybody warmed up. Then we will explore the hacking methodology starting with reconnaissance and moving through to Post Exploitation using PowerShell.
Using network flow records for good - Jeff Lang
Abstract: As part of real-time traffic monitoring and historic forensic investigations, Network Flow records can be an invaluable asset. Flow records are summary data about all the network traffic that is passing through your network devices to answer questions such as how many hosts are talking, whois is talking to whom, and how often? The main purpose of this FireTalk is to discuss common incidents that might occur on a network and show example Network Flow data for those incidents.
Cyber Horoscope of 2016 with a Focus on Ransomware - Jasun Tate
Abstract: A unorthodox approach at securing an organization from 12 positional facets, with an highlight on strategy deployment from the below:
- Threat Intelligence Manager
- Backup Manager
- Front End Developer
- Compliance Director
- Human Resources
- Configuration Manager
- Internal Audit
- Fraud Examiner
- Patch Manager
Fire Talk abstract slacker - Adam Twitty
Abstract: One of the fundamental problems with using the internet is that you don't know where it's been. Who owns the wire, the switch, the router, the server once data leaves your network? How do we protect this information?
This talk will explore the various methods and protocols that we use every day to protect our information and make sure that we know who we are talking to. You'll also learn what the difference is between encoding, hashing, and encryption. Finally we'll explore some of the more obscure ways of obfuscating data that you might not have heard of before.
I'm looking forward to seeing you all there!
On March 30, four of us got together at Grapes & Gallery to try our hand at Hacking-Lab's Hacky Easter challenge. We got through 5 of the 24 challenges before being completely stumped by a Bluejay. But we did have a lot of fun working through the challenges.
If you'd like to join us, you can sign up on the site for free. The challenge includes simple buddy mechanism so you can see how far we've gotten (and how much catching up you have to do!) Our usernames are:
We do plan on going back out for a second crack at it. Keep an eye on the list-serve for dates and times. Come join us!
We had a really good meeting for our last ColaSec meeting at IT-ology. We set a record for attendance with 22 people showing up for Tuesday's meeting. Josh Huff also gave an excellent talk on OSINT. His slides can be found here. The recording of the meetup can be found below.
We're excited for the opportunity to look for a new venue. We hope to have something locked up in early April if not sooner.
This month one of ColaSec's own, Josh Huff, will put on a presentation regarding Open Source Intelligence (OSINT).
Abstract: Open Source Intelligence – OSINT: The tools and some uses
Open Source Intelligence is defined by the Army as an intelligence discipline that pertains to intelligence produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence and information requirement. That’s a pretty intense way to say that once we find the Open Source Information we use it for a specific purpose. My talk will show you some of the purposes for finding Open Source intelligence and the tools we use to gather it. OSINT is everywhere… for example what information can we pull from a social media post showing a great deal at the gas pump? How bad are those pictures of debit cards where people obscure some of the digits on their card? What can we learn from the Internet of things and what can we do to protect ourselves from leaking this information all over the place? The bonus round includes locating places that our heroes from The Walking Dead snuck around when filming in Atlanta.
Join us for networking from 6:00 - 6:30 at IT-ology. Then the OSINT presentation by Josh Huff beginning at 6:30. Food and beverages will be available. We look forward to seeing you there!
We had a wonderful meetup this past Tuesday. Csilla Farkas came and gave an awesome presentation on data analytics and privacy. One of the things to come out of the presentation was Latanya Sweeney's work:
Alice goes to the hospital in the United States. Her doctor and health insurance company know the details ― and often, so does her state government. Thirty-three of the states that know those details do not keep the information to themselves or limit their sharing to researchers . Instead, they give away or sell a version of this information, and often they’re legally required to do so. The states turn to you as a computer scientist, IT specialist, policy expert, consultant, or privacy officer and ask, are the data anonymous? Can anyone be identified? Chances are you have no idea whether real-world risks exist. Here is how I matched patient names to publicly available health data sold by Washington State, and how the state responded. Doing this kind of experiment helps improve data-sharing practices, reduce privacy risks, and encourage the development of better technological solutions.
There's not really much to report. I will have some pictures up in the gallery soon. It was a really fun night with a really good talk.
Recording of the meetup:
We are very excited to have Csilla Farkas an Associate Professor at the Department of Computer Science and Engineering and Director of the Center for Information Assurance Engineering at the Unviersity of South Carolina with as for our next meetup. She will be presenting on privacy issues in the context of big data analytics. An Abstract and more about Csilla can be found below.
Come out for a great talk, infosec fellowship, food, and adult beverages. We meet every third Tuesday at IT-ology at 6:15 p.m. Check out our directions page for how to get to IT-ology and the meeting room.
This talk investigates the privacy issues in the context of big data analytics. The need to support data-driven decision making led to the development of sophisticated technologies to collect and analyze large data sets. However, this useful means of analyzing data comes at a cost: sensitive data may be disclosed and individuals' privacy may be violated. Enterprises, organizations and government agencies collect and analyze vast amounts of data with and without the individuals' knowledge. Even if the raw data is properly sanitized, the result of the analysis may reveal information about specific individuals. Privacy preserving data mining methods have been developed to provide useful analytics without violating users' privacy. However, these privacy preserving approaches are still limited with respect to the security problem when data mining results are combined with external knowledge to create security violations. This talk shows some promising approaches that use semantic web technologies 1) to detect undesired inferences due to combining external knowledge with data mining results and 2) to enable individuals (data suppliers) to specify and evaluate privacy preferences in the context of big data analytics.
Csilla Farkas is an Associate Professor in the Department of Computer Science and Engineering and Director of the Center for Information Assurance Engineering at the University of South Carolina . Dr. Farkas’ research interests include information security, data inference problem, financial and legal analysis of cyber crime, and security and privacy on the Semantic Web. She is a recipient of the National Science Foundation Career award. The topic of her award is “Semantic Web: Interoperation vs. Security – A New Paradigm of Confidentiality Threats.” Dr. Farkas actively participates in international scientific communities as program committee member and reviewer.
Csilla Farkas received her PhD from George Mason University, Fairfax. In her dissertation she studied the inference and aggregation problems in multilevel secure relational databases. She received a MS in computer science from George Mason University and BS degrees in computer science and geology from SZAMALK, Hungary and Eotvos Lorand University, Hungary, respectively.
We had a really good meeting to kick off 2016. We defined some goals for 2016 including, but not limited to:
- malware analysis and reverse engineering
- MOAR CTFs
- Wireless hacking
Then Josh gave a presentation on OSINT, using me as the target. Here are some of the resources he used:
These are some of the links to the facebook OSINT techniques from Michael Bazzell's website I mentioned in my talk last night.
This is a 75 minute demo where he teaches you the basics of OSINT on facebook
This is the custom facebook search link that includes the PIPL/API search that I've found usually yields some decent information on most targets:
Finally, we got into the SANS Holiday Hack Challenge. We had some connection issues and didn't get very far, but we definitely had some fun.
I figured out how hard it is to get scapy on Windows 10.
Here's the recording of our meetup.
We're kicking of the first meeting of the New Year with some OSINT and a hacking challenge.
The plan for this month's meetup, January 19th, 2016, is simple: somplete the SANS Holiday Hack Challenge. The competition might be over, but the fun is still available online. Bring your computers and get ready to have some fun as we work our way through the challenges.
Before that thought, Josh will be giving a short OSINT presentation on yours truly. That's right I told Josh to go find the most embarrassing or most controversial thing online for me.
All that and more for this month's meetup. The fun begins at 6:30 p.m. at IT-ology.
We've decided to do the same thing we did last year for our December meetup. We will be going to a restaurant to enjoy some food that is not pizza, drinks, and some casual infosec discussion. This year we're going to head to the Flying Saucer Draught Emporium in downtown Columbia.
We've submitted some infosec related questions for trivia. If you wish to participate in trivia we recommend getting to the Flying Saucer by 7:00 p.m. We hope to see everyone there.