August 2017 Meetup Recap
Announcements and Intro
Presentation
Columbia's Information Security Group
A free and informal gathering of information security professionals and enthusiasts in Columbia, South Carolina at the Richland County Public Library on the 3rd Tuesday of every month at 6:00 PM (click on the YouTube bubble).
Founded 2014 (COVID can’t stop us)
Image credit: Zach Pippin
zachpippin.com
Announcements and Intro
Presentation
July Announcements and Intro
Presentation
Our June meeting was hosted at Conquest Brewery. Our lock picking friends from the north, LockFale came down for the 2nd annual Lockpick Village night. Nobody was removed from handcuffs via power tools this year, but we all increased our knowledge of physical security.
Big thank you to Justin and Jon for hauling down all the gear and sharing your lock picking knowledge with the group. We will see everybody back at the USC Incubator for the July meetup.
Regex for Noobs - by Drew Varner
May Announcements and Intro
Drew's Presentation Video
Join us this Tuesday March 21st at the USC incubator. Food, Drinks and InfoSec start at 6pm. All are welcome. This month Ralph Collum will be teaching us about Becoming a Cyber Warrior:
This presentation encompasses most aspects of what Information Security professionals deal with on a daily basis. It is also heavily focused on what I think is important to finding and maintaining a career as an information security professional.
Note: Audio has echo near end of video. Presenter's slides are available below.
Last month Dr. Csilla Farkas joined us again to talk Security and the Internet of Things. Dr. Farkas provided us with an engaging and interactive talk about an increasingly entertaining InfoSec topic.
Abstract -
Are you living in a smart home? Are you using smart devices to monitor your health? Is your organization considering to increase automation for sensing and controlling operations? While the concept of Internet of Things (IoT) may mean different things to different people, there is a common theme: the need for cybersecurity. The key security challenges are focused on three areas: 1) device vulnerabilities, 2) communication security and trust, and 3) data integrity, security, and privacy. In this talk I present a semantics-based approach to support IoT data integration and security.
The first ColaSec meetup of 2017 is Tuesday January 17th. Join us at 6PM for food, drinks and infosec at the USC Incubator.
Tim DeBlock joins us remotely from Nashville to talk about building an Application Security program:
Abstract
Management wants a security program setup in the software development life cycle (SDLC). You have very little programing experience. What do you do? This talk will walk through the experience and process of setting up security in a waterfall and agile SDLC, with very little programming experience. We will walk through the high level strategy and dig into some of the resources available to build out a program. We will also cover the successes and lessons learned I’ve had building an application security program from scratch. This talk is for those looking to make an impact in the SDLC.
Thursday December 15th, ColaSec will be meeting at Conquest Brewery at 6pm. Conquest will be tapping our ColaSec custom brew a Scotch Ale called Brewt Force. We will have pulled pork (un-sauced so bring your favorite sauce) with several pot luck sides. December is our informal meetup so bring your friends and family. We have no set speakers or agenda, just show up and help us celebrate another great year of ColaSec as we look forward to an even better 2017.
Malware Analysis with Dan Boynton
This talk will provide a high level introduction to malware analysis. We will start with the basic concepts and considerations of analysis lab design along with a walk through of a simple Two-VM setup. Once we test and prepare our environment, we will discuss analysis techniques for document based malware (MS Office and Javascript). If time permits, we will discuss some methods for analyzing, classifying, and attributing malicious windows binaries.
ColaSec had an excellent representation at B Sides Charleston over the weekend. Ralph Collum and Josh Huff both gave talks at the conference and several of our members attended the 2 training events as well. Join us 6pm at the Incubator (EventBrite page here). Professional or enthusiast, all are welcome!
David Guirl and Trey Egan present:
Micro$oft LAPS (Local Admin Password Solution)
Join us tonight (10/18/16) 6pm at the USC Incubator. Tonight's agenda includes a quick recap of Louisville antics at Derbycon, updates on our December meetup party plans, and In The News round table discussion. Then David and Trey will present on Security with Microsoft LAPS (Local Admin Password Solution).
ColaSec is for anybody with an interest for Information Security in the Columbia area. Professional or enthusiast all are welcome. Food and Drinks provided as usual...See you there!
Join us this Tuesday the 20th for our September meetup at the Incubator. A handful of members hit the road and went to B Sides Augusta. We watched Lockfale anger the NSA, saw some excellent speakers and attacked Chiron's Pyramid Capture The Flag. (One of our member's may have won an awesome prize as well)
After the B Sides recap, Josh Huff will give us a practice run of his DerbyCon talk - What I Learned by Being an OSINT Creeper. This talk will be given at Derbycon in Louisville in the stable track and was also picked up by B Sides Charleston in November. Josh welcomes any feedback you have as he makes his final adjustments before presenting in Kentucky. Talk outline from Derbycon site - https://www.derbycon.com/events/open-source-intelligence-what-i-learned-by-being-an-osint-creeper/
Food and Beverages start at 6PM. Registration on EventBrite page here.
After the whirlwind lock picking meetup in June our updates promptly fell off the face of the Earth. Time to remedy that...
Date: July 19, 2016
Presenter: Ralph Collum
Ralph took us on a journey through the perils of our privacy on the inter-webs. After going through the perils we got a lesson in opting out and other methods to reduce our digital footprint. His meme-tastic slide deck and link set can be found here.
July Presenter Slides
https://drive.google.com/open?id=0B0segbpNn2mBS3F3OHRQRXhHTHM
Date: August 16, 2016
Presenter: Trey Funderburk
Hot off a Mr. Robot appearance the week before, OpenWRT was the presentation topic for August. Trey gave us an outstanding primer to what OpenWRT is and what it can be used for. Trey's talk showed specific use cases of how powerful and customizable OpenWRT can be. Trey’s slide deck can be found here.
What happens when you invite LockFale from North Carolina to join ColaSec for a lock pick village?
Record Breaking attendance, solid lock picking knowledge and Adam with an epic handcuff escape story!
Justin Nordine and Matt Block of LockFale joined us and brought an impressive lock pick village to play in. We learned about physical security and had a chance to try and pick tons of different lock types. Check out the Gallery here. This was one of our biggest turnouts for a meetup with 25 attendees. We want to thank LockFale for doing an awesome job and thanks to all of you for making it out to a great ColaSec meeting.
Once LockFale headed back across state lines, we had a chance to practice what we learned in the bonus round. Somebody “accidentally” double locked the handcuff with the “practice wrist” to Adam. We put all of our lock picking skills to the test then promptly went to find a power drill. After an epic lock pick session that would make an OSHA representative jump off a building, Adam was free! Thank you LockFale.
LockFale
Our next meetup is this Tuesday, June 21st at 6:00 PM at the USC/Columbia Technology Incubator. Details (http://www.colasec.org/how-to-find-us/)
Our agenda includes our “normal” intro plus some intel on SANS SEC501: Advanced Security Essentials –Enterprise Defender from Corey. Josh went to Myrtle Beach to the Techno Security & Forensic Investigation Conference plus got smoked at NetWars competition. After the intro we have the lock sport group LockFALE from North Carolina joining us and putting on a lockpick village. If you have interest in learning lock picking or want to hone your skills on some cool practice gear, join us Tuesday.
FALE — FALE Association of Locksport Enthusiasts
FALE came together around a common idea of general curiosity and persuasion of the public’s “right to know”. Formally founded in early 2010, the individuals involved in the initial organization already had a history in and love for the practice of locksport and of having a better understanding of the mechanisms we rely on so heavily to keep us secure. Beginning with four members meeting monthly, we have quickly progressed to bi-monthly meetings attended by 15 or more individuals. We talk locks, picks, general security and a smattering of other topics when meeting all towards the end of a better knowledge of and ability to communicate the effectiveness (or lack thereof) of so many security measures in place in current society. We hope that through these conversations and our efforts publicly we will help to educate the larger community on the proper use and understanding of locks and security measures encountered daily.
FALE will be hosting a Lockpick Village where folks can come by to talk about physical security, learn to pick locks or talk about advanced picking techniques and tips. Plenty of locks and spare picks to play with, so be sure to stop by!
Our next meetup is a week from today, April 19, 2016, starting at 6:00 PM at our new location, the USC/Columbia Technology Incubator. Details are located on our site (http://www.colasec.org/how-to-find-us/). If you have any questions on how to get there respond to this thread or contact Adam directly.
Our meetup agenda will include our usual intro plus a recap of BSides Nashville.Then we'll move into our four 15-minute Fire Talks for the evening.
Abstract: We will cover a few PowerShell basics to get everybody warmed up. Then we will explore the hacking methodology starting with reconnaissance and moving through to Post Exploitation using PowerShell.
Abstract: As part of real-time traffic monitoring and historic forensic investigations, Network Flow records can be an invaluable asset. Flow records are summary data about all the network traffic that is passing through your network devices to answer questions such as how many hosts are talking, whois is talking to whom, and how often? The main purpose of this FireTalk is to discuss common incidents that might occur on a network and show example Network Flow data for those incidents.
Abstract: A unorthodox approach at securing an organization from 12 positional facets, with an highlight on strategy deployment from the below:
Abstract: One of the fundamental problems with using the internet is that you don't know where it's been. Who owns the wire, the switch, the router, the server once data leaves your network? How do we protect this information?
This talk will explore the various methods and protocols that we use every day to protect our information and make sure that we know who we are talking to. You'll also learn what the difference is between encoding, hashing, and encryption. Finally we'll explore some of the more obscure ways of obfuscating data that you might not have heard of before.
I'm looking forward to seeing you all there!
On March 30, four of us got together at Grapes & Gallery to try our hand at Hacking-Lab's Hacky Easter challenge. We got through 5 of the 24 challenges before being completely stumped by a Bluejay. But we did have a lot of fun working through the challenges.
If you'd like to join us, you can sign up on the site for free. The challenge includes simple buddy mechanism so you can see how far we've gotten (and how much catching up you have to do!) Our usernames are:
We do plan on going back out for a second crack at it. Keep an eye on the list-serve for dates and times. Come join us!
We had a really good meeting for our last ColaSec meeting at IT-ology. We set a record for attendance with 22 people showing up for Tuesday's meeting. Josh Huff also gave an excellent talk on OSINT. His slides can be found here. The recording of the meetup can be found below.
We're excited for the opportunity to look for a new venue. We hope to have something locked up in early April if not sooner.
This month one of ColaSec's own, Josh Huff, will put on a presentation regarding Open Source Intelligence (OSINT).
Open Source Intelligence is defined by the Army as an intelligence discipline that pertains to intelligence produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence and information requirement. That’s a pretty intense way to say that once we find the Open Source Information we use it for a specific purpose. My talk will show you some of the purposes for finding Open Source intelligence and the tools we use to gather it. OSINT is everywhere… for example what information can we pull from a social media post showing a great deal at the gas pump? How bad are those pictures of debit cards where people obscure some of the digits on their card? What can we learn from the Internet of things and what can we do to protect ourselves from leaking this information all over the place? The bonus round includes locating places that our heroes from The Walking Dead snuck around when filming in Atlanta.
Join us for networking from 6:00 - 6:30 at IT-ology. Then the OSINT presentation by Josh Huff beginning at 6:30. Food and beverages will be available. We look forward to seeing you there!
We had a wonderful meetup this past Tuesday. Csilla Farkas came and gave an awesome presentation on data analytics and privacy. One of the things to come out of the presentation was Latanya Sweeney's work:
Abstract
Alice goes to the hospital in the United States. Her doctor and health insurance company know the details ― and often, so does her state government. Thirty-three of the states that know those details do not keep the information to themselves or limit their sharing to researchers [1]. Instead, they give away or sell a version of this information, and often they’re legally required to do so. The states turn to you as a computer scientist, IT specialist, policy expert, consultant, or privacy officer and ask, are the data anonymous? Can anyone be identified? Chances are you have no idea whether real-world risks exist. Here is how I matched patient names to publicly available health data sold by Washington State, and how the state responded. Doing this kind of experiment helps improve data-sharing practices, reduce privacy risks, and encourage the development of better technological solutions.
There's not really much to report. I will have some pictures up in the gallery soon. It was a really fun night with a really good talk.