February 2024 Presentation Announcement: The Security Hitchhiker’s Guide to Threat Modeling

February 15, 2024 / Adam Twitty

Join us on February 20th @ 6 PM for The Security Hitchhiker’s Guide to Threat Modeling

Presentation Synopsis

Threat modeling is a critical process that helps organizations identify and mitigate potential security threats in the early stages of projects or when a legacy application is discovered with little to no documentation. This presentation aims to serve as a comprehensive introduction to the wonderful galaxy of Threat Modeling. We will explore the fundamental questions: What is threat modeling? Why is it crucial for cybersecurity? How can it be integrated into your development and IT processes effectively? Why do I feel like I'm in preschool again? This presentation will provide you with a structured approach to threat modeling, demystifying the process and breaking it down into manageable steps. We will discuss various methodologies and tools available for threat modeling. Grab your towel and join us for "The Security Hitchhiker's Guide to Threat Modeling." Leave with a clear understanding of how to embark on your threat modeling journey.

About Timothy De Block

Timothy De Block is a seasoned cybersecurity expert with over 15 years of experience in the field. His passion for technology and security led him to a successful career dedicated to safeguarding digital assets and promoting best practices in cybersecurity. His dedication to continuous learning and staying at the forefront of emerging threats has allowed him to become a trusted authority in the industry. Throughout his career, Timothy has held key roles in both public and private sectors, working with leading organizations to strengthen their security posture. He has been instrumental in developing and implementing robust security strategies, threat mitigation plans, and incident response protocols for a diverse range of clients. As a thought leader in the cybersecurity community, Timothy is a sought-after speaker at conferences and seminars, where he shares his insights and practical knowledge on topics such as threat modeling, application security, and other blue team based topics. He is also a published author, contributing articles and research papers to industry publications. Timothy De Block's expertise, dedication, and contributions to the cybersecurity field continue to make a significant impact, ensuring a safer digital environment for all. Whether in boardrooms, classrooms, or the global cybersecurity community, his influence is felt, and his commitment to cybersecurity excellence is unwavering.

How To Join The Meetup

Attending In Person

We are posting all meetups to Meetup.com now so click the link below to see the upcoming events details and information on how to RSVP. Information on where the meetup will be can be found on the Meetup.com event site.

Meetup.com Event Link: https://www.meetup.com/colasec/events/298483882/

Joining Virtually

Our meetups are hosted virtually on Google Meet. The invite for the Google Meet will be sent via email to members of our email list and Slack channel just before the meetup starts. Click HERE to join the email list or HERE to join Slack.

Comment 0 Likes

categories / Meetup
tags / Timothy De Block, Threat Modeling

June 2023 Meetup Announcement!

June 08, 2023 / Adam Twitty

Hey ColaSec members! Join us for a fun social gathering on the 20th at Craft & Draft in Irmo starting around 6 PM. This time, we'll skip the usual presentation and focus on networking and socializing. Don't miss out on this opportunity to meet fellow cybersecurity professionals in a relaxed setting. We can't wait to see you there!

Comment 0 Likes

categories / Meetup
tags / meetup

April 19, 2016, meetup agenda - Fire Talks

April 12, 2016 / Timothy De Block

Taken at BSides Nashville by Timothy De Block

Eventbright signup

Our next meetup is a week from today, April 19, 2016, starting at 6:00 PM at our new location, the USC/Columbia Technology Incubator. Details are located on our site (http://www.colasec.org/how-to-find-us/). If you have any questions on how to get there respond to this thread or contact Adam directly.

Our meetup agenda will include our usual intro plus a recap of BSides Nashville.Then we'll move into our four 15-minute Fire Talks for the evening.

Fire Talks

The Powerup your attacks with PowerShell - Ralph Collum

Abstract: We will cover a few PowerShell basics to get everybody warmed up. Then we will explore the hacking methodology starting with reconnaissance and moving through to Post Exploitation using PowerShell.

Using network flow records for good - Jeff Lang

Abstract: As part of real-time traffic monitoring and historic forensic investigations, Network Flow records can be an invaluable asset. Flow records are summary data about all the network traffic that is passing through your network devices to answer questions such as how many hosts are talking, whois is talking to whom, and how often? The main purpose of this FireTalk is to discuss common incidents that might occur on a network and show example Network Flow data for those incidents.

Cyber Horoscope of 2016 with a Focus on Ransomware - Jasun Tate

Abstract: A unorthodox approach at securing an organization from 12 positional facets, with an highlight on strategy deployment from the below:

Threat Intelligence Manager
Backup Manager
CXO
CISO
Front End Developer
Compliance Director
Human Resources
Configuration Manager
Internal Audit
Fraud Examiner
Patch Manager

Fire Talk abstract slacker - Adam Twitty

Abstract: One of the fundamental problems with using the internet is that you don't know where it's been. Who owns the wire, the switch, the router, the server once data leaves your network? How do we protect this information?

This talk will explore the various methods and protocols that we use every day to protect our information and make sure that we know who we are talking to. You'll also learn what the difference is between encoding, hashing, and encryption. Finally we'll explore some of the more obscure ways of obfuscating data that you might not have heard of before.

I'm looking forward to seeing you all there!

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda, Fire Talks, infosec, Ransomware, PowerShell, SOC

March 15, 2016, meetup wrap-up

March 18, 2016 / Timothy De Block

We had a really good meeting for our last ColaSec meeting at IT-ology. We set a record for attendance with 22 people showing up for Tuesday's meeting. Josh Huff also gave an excellent talk on OSINT. His slides can be found here. The recording of the meetup can be found below.

We're excited for the opportunity to look for a new venue. We hope to have something locked up in early April if not sooner.

Comment 0 Likes

categories / Meetup
tags / infosec, OSINT, meetup

February 16, 2016, meetup wrap-up

February 18, 2016 / Timothy De Block

We had a wonderful meetup this past Tuesday. Csilla Farkas came and gave an awesome presentation on data analytics and privacy. One of the things to come out of the presentation was Latanya Sweeney's work:

Abstract

Alice goes to the hospital in the United States. Her doctor and health insurance company know the details ― and often, so does her state government. Thirty-three of the states that know those details do not keep the information to themselves or limit their sharing to researchers [1]. Instead, they give away or sell a version of this information, and often they’re legally required to do so. The states turn to you as a computer scientist, IT specialist, policy expert, consultant, or privacy officer and ask, are the data anonymous? Can anyone be identified? Chances are you have no idea whether real-world risks exist. Here is how I matched patient names to publicly available health data sold by Washington State, and how the state responded. Doing this kind of experiment helps improve data-sharing practices, reduce privacy risks, and encourage the development of better technological solutions.

There's not really much to report. I will have some pictures up in the gallery soon. It was a really fun night with a really good talk.

Recording of the meetup:

Comment 0 Likes

categories / Meetup
tags / privacy, data analytics

February 16, 2016, meetup agenda - privacy and big data analytics

February 08, 2016 / Timothy De Block

We are very excited to have Csilla Farkas an Associate Professor at the Department of Computer Science and Engineering and Director of the Center for Information Assurance Engineering at the Unviersity of South Carolina with as for our next meetup. She will be presenting on privacy issues in the context of big data analytics. An Abstract and more about Csilla can be found below.

Come out for a great talk, infosec fellowship, food, and adult beverages. We meet every third Tuesday at IT-ology at 6:15 p.m. Check out our directions page for how to get to IT-ology and the meeting room.

Abstract

This talk investigates the privacy issues in the context of big data analytics. The need to support data-driven decision making led to the development of sophisticated technologies to collect and analyze large data sets. However, this useful means of analyzing data comes at a cost: sensitive data may be disclosed and individuals' privacy may be violated. Enterprises, organizations and government agencies collect and analyze vast amounts of data with and without the individuals' knowledge. Even if the raw data is properly sanitized, the result of the analysis may reveal information about specific individuals. Privacy preserving data mining methods have been developed to provide useful analytics without violating users' privacy. However, these privacy preserving approaches are still limited with respect to the security problem when data mining results are combined with external knowledge to create security violations. This talk shows some promising approaches that use semantic web technologies 1) to detect undesired inferences due to combining external knowledge with data mining results and 2) to enable individuals (data suppliers) to specify and evaluate privacy preferences in the context of big data analytics.

Bio

Csilla Farkas is an Associate Professor in the Department of Computer Science and Engineering and Director of the Center for Information Assurance Engineering at the University of South Carolina . Dr. Farkas’ research interests include information security, data inference problem, financial and legal analysis of cyber crime, and security and privacy on the Semantic Web. She is a recipient of the National Science Foundation Career award. The topic of her award is “Semantic Web: Interoperation vs. Security – A New Paradigm of Confidentiality Threats.” Dr. Farkas actively participates in international scientific communities as program committee member and reviewer.

Csilla Farkas received her PhD from George Mason University, Fairfax. In her dissertation she studied the inference and aggregation problems in multilevel secure relational databases. She received a MS in computer science from George Mason University and BS degrees in computer science and geology from SZAMALK, Hungary and Eotvos Lorand University, Hungary, respectively.

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda, data analytics, privacy

January 19, 2016, meetup wrap-up

January 21, 2016 / Timothy De Block

Nice turnout for tonight's meeting! pic.twitter.com/lDsbFO4GsM
— Cola InfoSec (@cola_sec) January 19, 2016

We had a really good meeting to kick off 2016. We defined some goals for 2016 including, but not limited to:

malware analysis and reverse engineering
MOAR CTFs
Wireless hacking

Then Josh gave a presentation on OSINT, using me as the target. Here are some of the resources he used:

These are some of the links to the facebook OSINT techniques from Michael Bazzell's website I mentioned in my talk last night.
This is a 75 minute demo where he teaches you the basics of OSINT on facebook
https://inteltechniques.com/intel/demo-FB.html

This is the custom facebook search link that includes the PIPL/API search that I've found usually yields some decent information on most targets:
https://inteltechniques.com/intel/OSINT/facebook.html

Finally, we got into the SANS Holiday Hack Challenge. We had some connection issues and didn't get very far, but we definitely had some fun.

I figured out how hard it is to get scapy on Windows 10.

Here's the recording of our meetup.

1 Comment 0 Likes

categories / Meetup
tags / infosec, CTF, OSINT

January 19, 2016 meetup agenda - Gnome in your Home and OSINT

January 12, 2016 / Timothy De Block

Hello 2016!

We're kicking of the first meeting of the New Year with some OSINT and a hacking challenge.

The plan for this month's meetup, January 19th, 2016, is simple: somplete the SANS Holiday Hack Challenge. The competition might be over, but the fun is still available online. Bring your computers and get ready to have some fun as we work our way through the challenges.

Before that thought, Josh will be giving a short OSINT presentation on yours truly. That's right I told Josh to go find the most embarrassing or most controversial thing online for me.

All that and more for this month's meetup. The fun begins at 6:30 p.m. at IT-ology.

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda, SANS, CTF

December 15 meetup agenda at the Flying Saucer

December 07, 2015 / Timothy De Block

We've decided to do the same thing we did last year for our December meetup. We will be going to a restaurant to enjoy some food that is not pizza, drinks, and some casual infosec discussion. This year we're going to head to the Flying Saucer Draught Emporium in downtown Columbia.

We've submitted some infosec related questions for trivia. If you wish to participate in trivia we recommend getting to the Flying Saucer by 7:00 p.m. We hope to see everyone there.

Comment 0 Likes

categories / Meetup
tags / meetup, Meetup Agenda, December, infosec

October 13, 2015, meetup wrapup - The CTF is coming.

October 14, 2015 / Timothy De Block

Jeff Lang giving a presentation on what one needs to participate in a CTF

We had a wonderful meetup with a couple of new faces.

Before we get to the recap, reminder that this Saturday October 17, 2015, we will be doing our first group CTF at Training Concepts. The address:

250 Berryhill Rd # 502, Columbia, SC 29210

Details are on our "Upcoming Events" page.

Onto the meetup. Josh gave a recap of DerbyCon and then Jeff went over some basics for participating in a CTF. His slides are available here: https://drive.google.com/open?id=16QyVo3UUOTMQyiZqAzBuLp2a_mDP9inkMWNj3JKMXwU

We did a Google Hangout again of the entire meetup if you're interested in watching the presentation.

We look forward to seeing everyone at the CTF Saturday.

Comment 0 Likes

categories / Meetup
tags / infosec, CTF

October 13 and 17, 2015, meetup agenda

October 06, 2015 / Timothy De Block

This month we will be putting on our first CTF event for ColaSec. We will meet October 13, 2015, at 6:30 p.m. at IT-ology for a CTF primer. The primer will be facilitated by Jeff and we'll walk through some basics and ensure Kali and other tools get installed on CTF machines.
Prior to all that Josh will give a presentation on his experiences at DerbyCon.

Schedule and requirements:

October 13 meetup - CTF Primer - IT-ology 6:30 p.m. - 9:00 p.m.

If you have problems loading Kali we can address them at the meeting. Here is a list of other programs that may be useful for the CTF:

nmap
netdiscover
nikto or wikto
wireshark
some form of ssh client
password cracker(online and offline)
netcat
dirbuster
some proxy
cookie editor
steganalysis tool(stegdetect or stegspy)
hex editor
picture viewer(infanview)
debugger(ollydb)
malware analysis(IDA, PEiD, PEView, PEScanner.py)
sqlmap

We will figure out teams at the Tuesday meetup as well.

October 17 CTF - Training Concepts - 1 p.m. to 5 p.m.

Ralph is putting together the CTF using VulnHub. He plans to have 3-4 local VMs with 1-2 additional online CTFs.

We will be at Training Concepts for the actual CTF on Saturday.

250 Berryhill Rd # 502, Columbia, SC 29210

Bring your Kali-loaded laptops or just bring yourself. There will be computers available for people who don't have a laptop to use for the CTF.

Comment 0 Likes

categories / Meetup
tags / infosec, CTF, Meetup Agenda

September 15, 2015, meetup wrap-up - frameworks for securing things

September 16, 2015 / Timothy De Block

We had an excellent meeting this month. About 14 people showed up and participated. We had a lot to talk about with BSides Augusta happening Saturday, the CTF planning for next month, and the usual infosec news. After that, Ralph Collum gave us an excellent talk on security frameworks and how to choose the best one. We finished with some videos from J4vv4d.

Next months meetup will be slightly different. We're planning to do two days. We'll meet our usual Tuesday, October 13, 2015, but we're also going to meet the following Saturday, October 17, 2015, for some capture the flag (CTF) fun. Details to come soon.

Comment 0 Likes

categories / Meetup
tags / infosec, CTF, security framework

September 15, 2015, meetup agenda - Security Frameworks

September 08, 2015 / Timothy De Block

It's looking like the September meetup is going to be jam-packed month for the ColaSec user group. We will wrap-up BSides Augusta, talk about the October CTF, and have a presentation on security frameworks.

BSides Augusta is this Saturday, September 12, 2015, in Augusta Georgia. It is one of the best well run BSides events out there and I highly recommend the event. Did I mention I'll be speaking at the event? The event is sold out, but has a waiting list. They've recently released some tickets, so who knows.

We're planning a CTF event for October. We will have a Tuesday primer meetup followed up by a CTF competition on the following Saturday. If you would like to participate fill out this Google survey and let us know what weekend in October works best for you: http://goo.gl/forms/ULuA1Jt3im

Finally, we're planning on having a presentation on security frameworks for this months meetup. If you have to decide on a framework for your organization, which one is the best one for your organization?

Comment 0 Likes

categories / Meetup
tags / infosec, security framework, CTF, BSides Augusta

Augusta 18, meetup wrapup - Blue Team Starter Kit Tour begins

August 19, 2015 / Timothy De Block

This past Tuesday, I presented my Blue Team Starter Kit talk, that I will be presenting at BSides Augusta (September 12) and DerbyCon (September 24-27) next month. It was a good chat with some good interaction and trolling. I've got a lot of work to do on refining the talk, which was why I wanted to present it at ColaSec as a warmup for the big security conferences.

I will be presenting on Blue Team track 1 at 5 p.m. for BSides Augusta and I will be presenting Friday in the Stable talk track at 1:30 p.m. for DerbyCon. I'm super excited to be presenting at both conferences and look forward to catching up with people I know, as well as meeting some new people.

We had a lot of new faces at this weeks meetup, which is always nice to see. Building relationships and strengthening the infosec community in Columbia, SC, is something I am really excited about and look forward to each month.

Finally, we are helping ITology find speakers for their Trends 2015 conference this October. Details are below:

IT-oLogy presents Trends 2015

Cybersecurity 2020: The Impact of Digital Business on Security

CALL FOR PRESENTERS NOW OPEN

Form to submit: https://itchallenge.wufoo.com/forms/r1pd8o9s19cfxod

What is Trends?

An IT-oLogy (www.it-ology.org) hosted annual conference focusing on technology issues and topics that are “trending” nationally as well as regionally/locally. Basically, it heightens awareness around issues that will impact the future of IT-oLogy partners, the local and regional community, and South Carolina in a big way. The conference is kicked off by a presentation from a Gartner analyst.

2015 Topic:

This year’s topic is the overall digital transformation taking place in society (everything is becoming ‘digital’) and the associated security issues that come along with it.

2015 Date/Location:

Trends will take place Wednesday, October 28 fro 9:00 am to 4:30 pm EST at IT-oLogy, 1301 Gervais Street, Columbia, SC 29201.

Call for Speakers:

The 2015 Call for Speakers is now open. We’re looking for talks in the following areas:

Digital Transformation

A massive “digital transformation” is taking place in society and the pace is only accelerating. Industries, as well as organizations and individuals, are being impacted in ways never imagined. What are examples of this transformation? How is it having an impact? Why is it important?

Security, specific to the following areas:

• C level/Executive – security issues impacting executives at all levels (decision makers). Those topics executives should be aware of and know about.

• Technologists – issues impacting those at a hands-on technical level. Target audience here will be technologists.

• Citizen 101 – issues impacting everyday citizens. Things they should be aware of. Examples might include a very basic overview of how to encrypt email and/or attachments (most don’t have a clue), why changing passwords often is a must-do (and how to keep up with all those passwords), and other like issues.

Do you have apresentation? We’d like to hear from you! Please fill out the form and Todd Lewis (todd.lewis@it-ology.org) will respond!

https://itchallenge.wufoo.com/forms/r1pd8o9s19cfxod

Comment 0 Likes

categories / Meetup
tags / infosec, Blue Team, Tools, EMET, OWASP ZAP, Redline, Presentation, PDQ Deploy

August 18, 2015, meetup agenda - Blue Team Starter Kit

August 11, 2015 / Timothy De Block

Next week, I will be presenting my Blue Team Starter Kit talk, in preparation for my presentation of the talk at BSides Augusta, September 12, 2015, and DerbyCon, September 25-27.

The talk is focused on low cost tools for Blue Teams. The tools I plan to cover in the talk include:

Google/Twitter
OWASP Zed Attack Proxy
Mandiant Redline
Microsoft EMET
Admin Arsenal PDQ Deploy

These are tools I've found to be effective and accomplishing specific challenges given to me by management. And the best thing is that all of them are easy to use and free (PDQ Deploy enterprise is $500).

Also, we will discuss IT-ology Trends 2015 event at the meetup.

Comment 0 Likes

categories / Meetup
tags / presentation, Blue Team, Tools, infosec

July 21, 2015, meetup wrapup - OSSEC in the house!

July 23, 2015 / Timothy De Block

At this weeks meeting we discussed the following news items:

Hacking Team hacked, attackers claim 400GB in dumped data - Steve Ragan - CSO Online

Flash. Must. Die - Brian Barrett - WIRED

OpenSSL patches critical certificate validation vulnerability - Michael Mimoso - Threatpost

And because it just came out the same day we also discussed the freshly new hacked Jeep news.

Hackers remotely kill a jeep on the highway -- with me in it - Andy Greenberg - WIRED

After the news, Robert Wilson gave an excellent talk on OSSEC. He showed us how to both set it up and use it to monitor for abnormal activity. It's really interesting stuff and only requires, as Robert put it, "nerd power" to get it up and running. Here are some links to get started with it:

Main OSSEC site

OSSEC on GitHub

Daniel Cid's OSSEC architecture presentation

OSSEC CON presentations

Vic Hargrave's ELK and OSSEC overview (somewhat outdated)

NSA Guidance on spotting the adversary

IAD GitHub

Thanks again to Robert for stepping up giving us an excellent presentation for our July meetup. It was very informative and fun as always hanging out with other infosec folks.

Our next meetup will be August 18. I will be presenting my Blue Team Starter Kit talk which I intend to use at BSides Augusta, September 12.

Comment 0 Likes

categories / Meetup
tags / infosec, OSSEC, presentation

July 21, 2015, meetup agenda - OSSEC

July 15, 2015 / Timothy De Block

Robert Wilson will be giving us a presentation on OSSEC host intrusion detection software and will be covering the following questions

What is it?
How do you get it?
What exactly does it do?
What does it NOT do?
How do you use it?
What are some real-world examples of using OSSEC
What about querying? What about all of the chatter?

If you have any other questions about OSSEC be sure to bring to drop them on our listserv or bring them to the meeting next week.

I'll also be adding a new "The NEWS" segment to the meetup. We'll try it out and see how it goes.

Also, we are planning to go to Brew at the Zoo August 7, 2015, as a group. If you would like to commit to going to the event, let me know and bring some money or a checkbook to the meetup to pay for a ticket.

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda, infosec, OSSEC

June 16, 2015, meetup wrapup - demo gods pwn presenter

June 17, 2015 / Timothy De Block

Well it happened again.

The demo gods gave our demo presenter a case of the, "you're not presenting tonight" and thus we were left scrambling for a presentation again. It was still a good night though as we slogged our way through setting up Kali Linux and Metasplotable. Sandra also brought us some cool toys to play with and was kind enough to take notes and a recording of the meeting.

We started with introductions and the agenda for tonight. Then I shared some pictures of CircleCityCon. Adam then stepped up to the play and tried to give a demo until he realized he had downloaded the 32-bit version of VirtualBox and was trying to load 64-bit ISOs. Chris stepped in to assist in walking everyone through how to setup Kali Linux.

We were then distracted when Sandra pulled out some Google cardboard and sent us on trips to space museums, Paris, and other places. We then got back to business and discussed some VM nuances, movie reboots, and Edwin showed of the pfSense console. Back at the Kali Linux install we discovered that you shouldn't try to run a VM from an SD card. Metasploitable is up an running. I managed to pop a padlock in less than five seconds! After a few more errors and troubleshooting both Kali and Metasploitable are up and running. Success!

Robert wrapped up the meeting talking about OSSEC, which he will be presenting on at our next meeting.

Quotes of the night

"That's the problem with doing a presentation with a bunch of nerds; they'll tell what to do and what you're doing wrong." -Robert

"Peter Jackson will get bored and reboot the LORT movies" -Adam

(in the distance) "Ooooooo! Anyone want a cupcake!?" -Tim

Random other things

Teracopy is awesome
Don't download anything from Sourceforge
Hack news: LastPass and baseball hacks
Poly password hasher

Again, a big thanks to Sandra for the meeting notes. Our next meetup will be July 21, 2015.

Comment 0 Likes

categories / Meetup
tags / infosec, Google, Kali Linux, Virtualization, Metasploitable

June 16, 2015, meetup agenda

June 09, 2015 / Timothy De Block

Next week's meetup I will be giving a wrap-up of Circle City Con, which I am getting the opportunity to contribute to this year as a picture taker guy. I've been told that a few people plan to head to BSides Charolette this weekend and we'll hopefully have a review of that conference as well.

For the main event Jeff and Adam will be doing a demonstration on building your own home lab. Per Jeff:

"For next weeks meetup we will be doing some demos on how to install and configure a home virutal lab for Security testing and research. We will primarily be using VirtualBox as our host virtual environment. It will run on Windows, Mac, and Linux. If people would like to play along, they should download the base Virtualbox installer for their OS as well as the extension pack. The install is fairly straight forward and there are a lot of install guides out on the net.

Once we have our host environment setup, we will walk through an OS install from a base ISO image. We will also show how to move VMs from one machine and import them into another. Finally we'll go through setting up DHCP and configuring the different network types that you can do with VirtualBox. We will have a number of ISO images and some pre-built VMs that can be installed and configured"

Download VirtualBox on a laptop and bring that to the meetup if you'd like to follow along.

Also, we are planning to go to Brew at the Zoo August 7, 2015, as a group. If you would like to commit to going to the event, let me know and bring some money or a checkbook to the meetup to pay for a ticket.

Comment 0 Likes

categories / Meetup
tags / Meetup Agenda, Virtualization, demo

May 19, 2015, meetup wrapup - pwned by the demo-gods

May 21, 2015 / Timothy De Block

Last Tuesday was our May meetup for 2015. We had planned to dive into the game PwnAdventure3, unfortunately, it was meant to be as we had hardware issues with the server that was supposed to be running the game. Of course, it worked perfectly the week prior. I even completed the first task! We still plan to do PwnAdeventure3 at a future meetup.

The meeting didn't go too waste, however, we discussed several things:

Skycure - https://maps.skycure.com/?loc=29201

Someone who attended HackMiami sent me this link. Based on "Crowd Wisdom," the map shows wifi networks that might have threats on them. We've got two in the Columbia, SC, area.

Cover VT - https://red.cirt.vt.edu/

We had a couple guys from Virgina Tech show us this nifty little link, that has their snort data mapped to Google Map API.

MT6D Visual Data Display - http://paisley.cirt.vt.edu/

This is a link that's meant to demonstrate one way of mitigating a DDoS attack. Essentially as I understood it, the IP address of a device or application keeps randomly switching, which in essence makes it harder for someone to DDoS an individual target.

Finally, we discussed a few things people would be interested in discussing for future meetups.

Thanks to everyone that came out. We look forward to seeing everyone next month!

Comment 0 Likes

categories / Meetup
tags / visualization, pwned, Skycure, Virginia Tech, infosec

Filtering by Category: Meetup

Join us on February 20th @ 6 PM for The Security Hitchhiker’s Guide to Threat Modeling

Presentation Synopsis

About Timothy De Block

How To Join The Meetup

Attending In Person

Joining Virtually

Fire Talks

The Powerup your attacks with PowerShell - Ralph Collum

Using network flow records for good - Jeff Lang

Cyber Horoscope of 2016 with a Focus on Ransomware - Jasun Tate

Fire Talk abstract slacker - Adam Twitty

Recording of the meetup:

Abstract

Bio