The in-person portion will be hosted at the new MTSI office in Beavercreek
3837 Colonel Glenn Hwy, Beavercreek, OH 45324.
The monthly meeting will be held both in-person and online via Google Meet.
Registration Form
https://forms.gle/RDWkxFkqueFdx5QJ7
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
Speaker: Charles Lester
Talk: Social Engineering
It includes the following:
OISF is on YouTube via the following link:
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Registration Form
https://forms.gle/A4UAtFHRPPeBqrtj7
NOTE - Due to changes beyond our control, meeting registration has been moved to Google Forms going forward.
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
Speaker: Jason Adkin, Cybersecurity professional for the United States Air Force (Civil Service)
Talk: How bitcoin is disrupting the financial industry
Jason Adkin has been with the United States Air Force (Civil Service), with experience securing Platform IT systems for the past 5 years. Before taking his current position, Jason dual-hatted as a data scientist and software developer in the Auto Insurance industry for a couple of years. Jason holds both a Master's in Data Analytics and a Bachelor's in Theoretical Mathematics. When Jason isn't busy painting the walls of his new starter home for what seems like the 100th day in a row, he enjoys developing complex automation solutions for problems that could just be taken care of in 10 minutes.
It includes the following:
John Farrier - Active Career Management
An article on the content
Book List from the presentation: https://johnfarrier.com/non-fiction/
Books Mentioned:
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Registration Form
https://forms.gle/MbjQH2ccjAFETJHK6
NOTE - Due to changes beyond our control, meeting registration has been moved to Google Forms going forward.
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
Speaker: John Farrier - How To Manage Your Career As A Professional In Tech
John E. Farrier has over 25 years as a successful founder and software engineering leader, particularly noted for delivering high-value projects to U.S. Air Force clients. Under his leadership as Co-Founder and CEO, his first company, Hellebore, saw remarkable growth and was pivotal in the defense sector, particularly with designing advanced mission systems architectures for next-generation aircraft.
In his expansive technical repertoire, John commands expertise in Design Patterns, C++, Python, DevOps, AI, Game Engine Design, Large-Scale Agile Project Management, and Modeling & Simulation. Leveraging Agile principles and stream-aligned teams, he constantly explores the outer reaches of software engineering possibilities. John's credentials are reinforced by numerous publications in the realm of Modeling and Simulation.
John's commitment extends beyond mere technical excellence. He’s an unwavering advocate for fostering strong software cultures, emphasizing collaboration and career evolution. He operates with a strong ethos of principle-based decision-making and hyper-transparency, fostering both trust and clarity in professional relationships.
At present, John leads Polyrhythm Software, one of a new generation of software companies focused on delivering high-value software to DoD and commercial clients.
It includes the following:
Dave Hatter - Software Security: The Critical Role of Software Bill of Materials
BONDS Robotics FRC 5811 - Introduction, mission, community support, and exploring tech
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Registration Form
https://forms.gle/XNETHNnXN4Um7LfN7
NOTE - Due to changes beyond our control, meeting registration has been moved to Google Forms going forward.
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
Dave Hatter - Software Security: The Critical Role of Software Bill of Materials (SBOM)
BONDS Robotics FRC 5811 - Introduction, mission, community support, and exploring tech
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
Having split his career between offense and defense, serial founder/advisor/investor and InQuest CTO Pedram Amini will cover the history of a now decade-old bootstrapped cyber security business. From ideation through initial success and current ambitions… please feel free to bounce startup questions off of him at the end.
He'll also delve into the end-user problem space as well as the technologies InQuest pioneered to address shortcomings in the market. Among others this includes Deep File Inspection (DFI) for real-time protection and "RetroHunting", a novel approach that leverages the power of hindsight to apply today's intelligence to yesterday's data.
Currently serving as InQuest.net CTO, Pedram was formerly a director at Avast, after the acquisition of his startup Jumpshot, a solution for the identification and removal of deeply entrenched malware. Previously, he founded the Zero Day Initiative at TippingPoint, where the Intrusion Prevention System (IPS) was invented. At TippingPoint he built and managed the world's largest group of independent researchers, to date the predominant source of all Microsoft vulnerability discoveries. He has historically spent much of his time in the shoes of a reverse engineer, developing automation tools and processes. Pedram has formerly presented and given training courses at Blackhat and numerous other infosec conferences globally. Pedram holds a CS degree from Tulane University and is an author of the book "Fuzzing: Brute Force Vulnerability Discovery".
It is that time of the year again. Our annual conference is coming up on Sat. July 8th. The OISF Annual Conference will be held both in-person and online this year (details to follow). This year's conference will be hosted at the Holiday Inn Dayton/Fairborn I-675, 2800 Presidential Drive, Fairborn, OH 45324. The conference will begin at 8:30 AM with breakfast starting at 8:00 AM and will end around 4:30 PM.
When you register for the conference, you will be prompted to select whether you will be attending in-person or virtual. When selecting In-person you will also specify your boxed lunch add-on option. This year you will need to pay at the time of registration via Eventbrite. When registration is complete you will receive a confirmation email to bring the day of the conference.
Ticket Prices:
Cancelation Policy:
Tickets can be canceled for a refund up until June 29 @12:00a EDT. The ticket refund amount will be minus the service and processing fee of approximately $3.45 for in-person and $2.45 for online registrations.
Time | Speaker | Title/Event |
---|---|---|
0830: | OISF President - Dr. Carls | Opening Remarks |
0845: | Bryan Fite | Future Shock: The Future of Fraud Today |
1000: | Pedram Amini | Securing the Frontlines: How Users are Being Targeted Today |
1100: | Matt Scheurer / Tuan Phan | These Artifacts aren't Fiction |
1200: | - | Lunch |
1230: | Remarks / Jon “McFly” McEllroy | Self ROPing Programs for Fun and Profit… |
1330: | Micah Brown | Building Better Authentication Requirements in a Zero Trust World |
1530: | Barry Kimball | Phones : The Good, The Bad, and the Ugly |
1600: | Deral Heiland | Developing Hands-on IoT Training Exercises |
1700: | OISF President - Dr. Carls | Closing Remarks |
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
It includes the following:
Solder-Defined Computers for Provable Immunity Against Hacking and Malware - Marc Abel
Relax: Humanizing Security - Ken Fanger
Differential Privacy for Privacy Protection in Federated Learning - Ahmed El Ouadrhiri
Intro to Reverse Engineering - Aaron Joiner
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
How to deal with the emotional fallout of being hacked for employees. This is a topic that is under-addressed in cybersecurity.
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
Differential privacy (DP) is considered a de-facto standard for protecting users' privacy in data analysis, machine, and deep learning. Existing DP-based privacy-preserving approaches, in federated learning, consist of adding noise to the clients' gradients before sharing them with the server. However, implementing DP on the gradient is inefficient as the privacy leakage increases by increasing the synchronization training epochs due to the composition theorem.
Recently, researchers were able to recover images of the training dataset using a Generative Regression Neural Network (GRNN). In this work, we propose a novel approach using two layers of privacy protection to overcome the limitations of the existing DP-based methods. The first layer leverages Hensel's Lemma to reduce the training dataset's dimension. The new dimensionality reduction method reduces the dimension of a dataset without losing information since Hensel's Lemma guarantees uniqueness. The second layer applies DP to the compressed dataset generated by the first layer.
The proposed approach overcomes the problem of privacy leakage due to composition by applying DP only once before the training. Therefore, clients train their local model on the privacy-preserving dataset generated by the second layer. Experimental results show that the proposed approach ensures strong privacy protection while achieving high accuracy. In particular, the new dimensionality reduction method achieves an accuracy of 97%, with only 25% of the original dataset size.
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
It includes the following:
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
A historical discussion on software development and security, with an emphasis on assembler language.
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
This talk explores the workings of common network protocols at different layers of the OSI model (such as DNS, ARP, and HTTPS), with a focus on the trust model of each protocol and the ways spoofing and man in the middle attacks abuse that trust.
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
Roundtable discussion of current events and topics of interest to attendees.
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
A journey into Medical Device Security Research by Deral Heiland, one of the OISF founders.
During this presentation Deral will be leading the audience on an expedition into the work of medical device security research by exploring a project he has been working on over the last year. Various topics including risk, impact, and safety concerns around potential vulnerabilities and exportation of medical technology will be explored. Also, during this presentation, Deral will be discussing recent security vulnerability findings along with some live demos.
Deral Heiland CISSP, serves as a Principal Security Researcher (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 15+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, Blogs, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by multiple media outlets and publications including ABC World News Tonight, Cheddar TV, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Dark Reading, Threat Post and Infosecurity Magazine.
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
Securing Operational Technology and Industrial Control Systems (OT/ICS) - Thomas Agler
Tom will discuss Securing Operational Technology and Industrial Control Systems (OT/ICS). He will first explain challenges and the current security landscape for OT/ICS based on security reports, OSINT findings, and personal experience. He will then facilitate a discussion on both the “book answers” and practical approaches to these challenges.
Thomas Agler is a cyber security consultant with Agler Security Consulting and a Network Operations Officer in the U.S. Air Force where he currently teaches cyber security for aircraft avionics. He has seven years of experience as both a team leader and individual contributor within various aspects of IT, cyber security, and offensive cyber operations.
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
Luke Ellwood will discuss the latest trends on the threat landscape based on data from Check Point’s Research team.
Luke Ellwood is the Security Engineering Manager at Check Point for the Great Lakes area. He brings perspective from 20+ years in the IT industry, having had hands-on roles in the design, implementation, and operation of security infrastructure at enterprise scale.
It includes the following:
(All presentations listed, available presentations linked)
Matt Scheurer - Becoming an IR Superstar
Scott Nusbaum - Ransomware Is NOT the problem
Dr. Phu Phung - Hybrid image-based approaches for modern malware classification
Micah Brown - How a 1993 CCG Prepared me for a Life in InfoSec
Jerod Brennen - Rethinking Cybersecurity in the Quantum Age
Deral Heiland - Evaluating the Security of an Enterprise IoT Deployment - From Acquisition to Support
Videos:
Videos
More links TBA
Original Agenda
Link
It is that time of the year again. Our annual conference is coming up on Sat. July 9th, celebrating OISF's sweet 16! The OISF Annual Conference will be held both in-person and online this year (details to follow). This year's conference will be hosted at a new venue, Holiday Inn Dayton/Fairborn I-675, 2800 Presidential Drive, Fairborn, OH 45324. The conference will begin at 8:30 AM with breakfast starting at 8:00 AM and will end around 4:30 PM.
When you register for the conference, you will be prompted to select whether you will be attending in-person or virtual. When selecting In-person you will also specify your boxed lunch add-on option. When registration is complete you will receive a confirmation email with instructions on how to pay for your ticket.
Ticket Prices:
We are seeking donations that are tax-deductible to our Non-Profit 501(c)(3) Learning Charity to allow our organization to share knowledge and conduct training to local Dayton Cybersecurity Professionals. You can also make contributions through Amazon Smile by selecting Ohio Information Security Forum as your charity organization or directly via Paypal with the email address sponsor@ohioinfosec.org.
Time | Speaker | Event |
---|---|---|
0845: | OISF President - Dr. Carls | Opening Remarks |
0900: | Matt Scheurer | Becoming an IR Superstar |
1000: | Scott Nusbaum | Ransomware Is NOT the problem |
1100: | Dr. Phu Phung | Hybrid image-based approaches for modern malware classification |
1200: | - | Lunch |
1245: | Dr. Carls | Remarks - Potential Titanium Sponsor |
1300: | Micah Brown | How a 1993 CCG Prepared me for a Life in InfoSec |
1400: | Jerod Brennen | Rethinking Cybersecurity in the Quantum Age |
1500: | - | Cake Cutting Ceremony |
1530: | Deral Heiland | Evaluating the Security of an Enterprise IoT Deployment - From Acquisition to Support |
1630: | OISF President - Dr. Carls | Closing Remarks |
Abstract:
Are you an aspiring Incident Responder? Perhaps looking to advance from a career as a
Security Operation Center (SOC) analyst? Or simply intrigued by the technical aspects of being an
Incident Response (IR) professional? IR analysts and engineers conduct investigations to answer the
classic “Who, What, When, Where, Why, and How” questions in responding to security alerts and
incidents. Incident Responders utilize a working knowledge of Defensive Security, Offensive Security,
and Digital Forensics to conduct their investigations. During this presentation, we cover the technical
skills and baseline knowledge required on the roadmap to becoming an IR Superstar!
Bio:
Matt Scheurer is a show host for the ThreatReel Podcast, and also works as an Assistant Vice
President of Computer Security and Incident Response in a large enterprise environment. Matt has
many years of hands-on technical experience, including Digital Forensics and Incident Response (DFIR).
He volunteers as a "Hacking is NOT a Crime" Advocate and as a technical mentor for the Women's
Security Alliance (WomSA). Matt is a 2019 comSpark “Rising Tech Stars Award” winner. Matt has
presented on numerous Information Security topics at many technology meetup groups and prominent
Information Security conferences across the country.
Abstract:
Challenging the commonly reported belief that Ransomware is the main problem affecting
companies today. But, if you ask people what is ransomware, you will get various answers, and most of
them are wrong. Let's discuss what Ransomware is and why it is just the scapegoat for a more serious
issue, that the attacker already owns the environment. We will reverse engineer a ransomware sample
to understand its basic functionality and how it differs from commodity malware, walk through common
paths of a "Ransomware" attack, areas of a ransomware event that organizations forget, overlook, or
outright ignore, and how security products fail to protect against ransomware.
Bio:
Scott Nusbaum is a Principal Security Consultant at TrustedSec focusing on research and Incident
Response. Scott has worked in IT for over 23 years ranging from Software Developer to Reverse
Engineer, 17 of those years in various aspects of Security. Scott has a bachelor's in Computer
Engineering and a master's in Computer Science with a focus on Cyber Informatics from the University
of Cincinnati. He holds the GIAC Reverse Engineering Malware (GREM) and the Offensive Security Certified
Expert (OSCE) certifications. Scott has always been fascinated with how exactly computers and software
operate. Scott's passion for learning the inner workings of systems led to Reverse Engineering, Malware,
exploitation development, and CTF.
Abstract:
We present multiple hybrid methods of analyzing different software categories for machine
learning-based malware classification. In the first approach, we introduce a novel image transformation
method using statistical, syntactic artifacts, and space-filling curves to convert binary software into color
3D images with semantic information. The second approach is to use static analysis to extract the
Interprocedural Control Flow Graph and an additional set of features from a Java bytecode program to
produce a grayscale image. We also extract an additional set of features from Java malware programs to
improve the accuracy of the malware classification.
We evaluate our approaches by leveraging machine learning algorithms, including shallow (XGBoost) and deep (Convolutional Neural Network) learning classifiers for the classification of various datasets of malware. Our experimental results demonstrate that the proposed methods outperformed related works and can detect both known and previously-unseen real-world malicious programs.
Bio:
Dr. Phu H. Phung is an Associate Professor, and Director of the Intelligent Systems Security Lab in
the Department of Computer Science, University of Dayton. He received his Ph.D. in Computer Science
in 2011 from Chalmers University of Technology, Sweden. His research spans security solutions for
intelligent Web, mobile, and IoT systems. He is also interested in malicious software detection. His
works have been published in top security venues with 800+ citations. Dr. Phung has served as a
reviewer for many top security journals and conferences, and on the program committee for over 20
international conferences. Dr. Phung is a senior member of IEEE and ACM.
Homepage:
https://academic.udayton.edu/PhuPhung/
Abstract:
Magic the Gathering (MTG) is one of the most iconic and popular customizable card games of
all time. At its heart the game is all about resource management and strategic thinking. Since 1993 MTG
has been able to build and maintain and communicate a constant vision of the game both internally to
create new cards and externally to attract new and old players alike. Join me as I release an open-source
documentation framework with downloadable demo VM. (This is about transforming your
documentation into an easy to read / digest living document)
Bio:
Micah K Brown is a member of the IT Security Engineering team at American Modern Insurance,
part of the Munich RE Group. Over the past four years he has served as the lead Engineer on the DLP
implementation for Data Loss Prevention for the Munich RE organizations located in North and South
America. In this role Micah has learned the many intricacies of what works in a successful DLP project. In
his free time, Micah serves on the Greater Cincinnati ISSA Chapter as Vice President. Micah graduated
from the University of Cincinnati and holds an active CISSP.
Abstract:
Quantum computing has already shifted from the realm of science fiction to the realm of
science fact, and practical applications for quantum computing are already finding their way into the
workplace. And just as with any other emerging technology, the cybersecurity implications are taking a
backseat to the business innovations. This puts cybersecurity teams at a disadvantage when it comes to
protecting against threats that leverage this same technology. In this presentation, Jerod will provide
you with a foundational understanding of quantum computing, and he’ll share insights into where
quantum computing stands today, as well as insights into how cybersecurity professionals can better
equip themselves and their teams to defend against new and emerging threats.
Bio:
By day, Jerod Brennen (@slandail) is a strategic advisor, virtual CISO, public speaker, and storyteller. By
night, he’s a husband, father, writer, filmmaker, martial artist, musician, and gamer. It’s fair to say that
he’s earned every gray hair in his beard, having spent his career serving as a cybersecurity leader in
public utilities, retail, higher education, consulting, and technology. Jerod loves to share what he’s
learned over the years every chance he gets: at local and regional professional meetings, at larger
conferences, and online via blogs and podcasts. He has published multiple online information security
courses with Pluralsight and LinkedIn Learning, and he also teaches courses in person, both domestically
and internationally. He brings a unique combination of perspective and experience to the table when
helping organizations improve their cybersecurity programs, focusing on the business value of an
effective, efficient, forward-thinking cybersecurity program. At the end of the day, Jerod just wants to
help folks get one step closer to doing what they want to do securely.
Abstract:
During this presentation I will be discussing a research partnership where I worked with a
Fortune 1000 company to evaluate their internally conceived, designed and deployed Internet of Things
(IoT)-based business solution. The goal of this research project was to understand the security
implications around a large-scale enterprise IoT project, and the associated processes related to
the following three key areas:
* Acquisition, implementation, and deployment
* Technology and functionality
* Management and support
Bio:
Deral Heiland CISSP, serves as a Principal Security Researcher (IoT) for Rapid7. Deral has over 25
years of experience in the Information Technology field and has held multiple positions including: Senior
Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior
Information Security Analyst. Over the last 15+ years Deral’s career has focused on security research,
security assessments, penetration testing, and consulting for corporations and government agencies.
Deral also has conducted security research on numerous technical subjects, releasing white papers,
Blogs, security advisories, and has presented the information at numerous national and international
security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has
been interviewed by and quoted by multiple media outlets and publications including ABC World News
Tonight, Cheddar TV, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The
Register.
It includes the following:
2022 Data Breach Investigations Report (DBIR)
Lumos: Identifying and Localizing Diverse Hidden IoT Devices in an Unfamiliar Environment
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
Current events as they relate to information security.
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
By: Paul Hankins
After purchasing a COTS hardware router, I noticed the appliance performing some rather suspicious functions. Join me in performing some cyber defense forensics and a little honeypotting and sandboxing to determine how sus this device is, or did I just catch malware in the wild!
The in-person portion will be hosted at the MTSI office in Beavercreek
(4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
During this presentation Deral will be discussing this year's Consumer Electronics Show (CES), which took place in Las Vegas, NV, in January. Deral will recap various highlights and things of interest he discovered while attending.
By: Deral Heiland
For this presentation Deral will be introducing, demoing and discussing a methodology for using several hardware and application tools to interact with and capture Bluetooth Low Energy (BLE) communications.
You will need the following:
The in-person portion will be hosted at the MTSI office in Beavercreek (4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
By: Matt Scheurer (@c3rkah) & Micah Brown (@micahkbrown)
Wireshark is a cross-platform free and open-source packet analyzer, sometimes referred to as a network sniffer or packet sniffer. Wireshark is often used for network troubleshooting and analysis. Wireshark allows users to capture packet data from a live network, or read packets from a previously saved packet capture (PCAP) file. The target audience for this 2-hour training workshop are those wishing to learn the operational basics of using Wireshark for network traffic analysis, with a focus on network security. This is a free live hands-on instructor-led workshop featuring multiple training lab sessions.
NOTE: Please bring a laptop with Wireshark installed on it in order to get the most out of the workshop! The workshop is estimated to take 2hrs to complete.
The in-person portion will be hosted at the MTSI office in Beavercreek (4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
By: Jeff Archer, Sr. Staff Cybersecurity Researcher (GE Aviation)
Threat hunting, machine learning, artificial intelligence: Aside from being taglines on every cyber security vendor's product sheet today, these are legitimate areas of research and strategy at the forefront of cyber security in both the private industry and academia.
Traditional, reactive detection methods continue to provide value in quick and standardized sharing of signatures and indicators of compromise, but more and more organizations are looking to augment this strategy with behavioral- or heuristic-based detection, and they want it done today...until they realize what it entails.
At the core of all of these methods is data, and lots of it. Proactive detection of cyber security events relies on using data engineering and data science to provide security analysts the information they need to test hunt hypotheses and detect anomalies in their environment, and making it as easy as possible to do so.
Jeff Archer will speak to GE Aviation's latest effort in wrangling the telemetry available to create new, proactive detection measures using a data engineering framework called Magnus. Along the way, he will share lessons learned from the project and its future role in allowing for the testing of data science- and machine learning-driven detection.
It includes the following:
Mark Jeanmougin - Save Time with Modern Search Techniques
Alternate link
The in-person portion will be hosted at the MTSI office in Beavercreek (4141 Colonel Glenn Hwy #202, Beavercreek, OH 45431).
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
Save Time with Modern Search Techniques - Mark Jeanmougin
Many of our tools and techniques for working with large data sets are tweaked versions of what we did back when we had one CPU and a mechanical hard drive. This presentation explores how to approach these data sets with multi-core CPU's and fast NVMe storage. Special attention is paid to Digital Forensics & Incident Response (DFIR) use cases, but the techniques are more general. This is a trip into GNU Parallel, xargs, and other techniques to maximize the parallel processing capabilities of modern CPU's and storage. Examples include searching, anti-virus, and photo processing.
It includes the following:
Ward Cunningham’s Txtzyme and Ken Boak’s SIMPL languages
OpenOffice format
Powerpoint format
Playbook for Threat Modeling Medical Devices
Download link
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
Ward Cunningham’s Txtzyme and Ken Boak’s SIMPL languages - John Roberts
John will present an overview of Ward Cunningham’s Txtzyme and Ken Boak’s SIMPL languages, and show how they can be used effectively to interactively command small microcontrollers and other remote devices to perform various tasks. We will discuss other potential applications of the techniques such as controlling IoT devices, or commanding complex behavior at a remote location using a very small network packet.
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
Justin Spencer - TBA
Justin Spencer is a hacker and Principal Software Engineer at Hellebore Consulting Group where he provides training, solutions, and support across a variety of security focus areas, including application and system security, for multiple DoD clients. Mr. Spencer has a decade of experience performing software development, security assessments, reverse engineering, red team tool development, signal analysis, and SDR transceiver design for systems both large and small. He was previously an adjunct Cyber Academy instructor and Manager of Cyber Software Engineering at Northrop Grumman. Mr. Spencer is also a USMC veteran and an alumnus of the Purdue University Computer Engineering program.
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
By: Dr. Phu H. Phung, University of Dayton
Security and privacy are significant challenges and risks today for Internet users, mostly due to the presence of code from multiple parties within a single web-based application. Standard web security mechanisms such as the same-origin policy or Content Security Policy could not prevent potential privacy risks nor allow users to control their privacy settings. In this talk, we present our recent works that introduce a novel approach to monitoring code execution in web-based systems that can detect and prevent potential privacy leakage channels. The detected leakage is either automatically prevented by our context-aware policies or decided by the user if needed. Our method advances the conventional same-origin policy standard of the Web by enforcing different policies for each source of the code. We report our practical evaluations to demonstrate the effectiveness of our approach, including a prototype in hybrid mobile applications and a browser extension. Our experimental results evidence that the proposed method can detect and prevent data leakage channels not captured by the leading tools such as Ghostery and uBlock Origin and allow the user to control their levels of privacy protection.
It includes the following:
Presentation
Malware analysis cheat sheet
REMnux malware analysis tips
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
By: John Carls
It includes the following:
Inside the Mind of a Threat Actor: Beyond Pentesting - Phillip Wylie
I Got 99 Problems but a WAF ain’t one - Micah Brown
Code Hedgehogs - Changing the "S" in SDLC to Secure - Penelope Rozhkova
Lend me your IR's! - Matt Scheurer
Opening Remarks - OISF President
Inside the Mind of a Threat Actor: Beyond Pentesting - Phillip Wylie
I Got 99 Problems but a WAF ain’t one - Micah Brown
Code Hedgehogs - Changing the "S" in SDLC to Secure - Penelope Rozhkova
A Look at Cellular Services in IoT technology - Deral Heiland
Chats, Cheats, and Cracks: Abuse of Collaboration Platforms in Malware Campaigns - Edmund Brumaghin
Lend me your IR's! - Matt Scheurer
Recap of SANS Digital Forensics and Incident Response (DFIR) 2021 Conference - John Carls
Presentations from Recap
Reviewing this summer's critical Microsoft vulnerabilities - Jason Kinder
The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).
(You're still welcome to register at the door.)
When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.
6:30pm (In-Person):
Food and drinks served, doors open.
6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.
7:00pm (Both)
A brief overview of the Ohio Information Security Forum.
By: John Carls
By: Jason Kinder
It is that time of the year again. Our annual conference is coming up on July 10th. The OISF Annual Conference will be held both in-person and virtually this year. We will be hosting the OISF Annual Conference at Miami Valley Research Park, 1900 Founders Dr, Kettering, OH. It will be the same venue we have used in the past. The conference will start at 9:00 AM and end at approximately 4:30 PM.
There will also be a virtual option to attend this year's conference via Google Meet for those that are unable to attend in person. The Google Meet link will be provided once registration closes on 7/8/21 at 5p EST.
We are seeking donations that are tax-deductible to our Non-Profit 501(c)(3) Learning Charity to allow our organization to share knowledge and conduct training to local Dayton Cybersecurity Professionals. You can also make contributions through Amazon Smile by selecting Ohio Information Security Forum as your charity organization.
Time | Speaker | Event |
---|---|---|
0800 - 0900: | - | Doors open (Registration / Breakfast) |
0900 - 0915: | OISF President (On Stage) | Opening Remarks |
0915 - 1015: | Phillip Wylie (Virtual) | Inside the Mind of a Threat Actor: Beyond Pentesting |
1015 - 1115: | Micah Brown (On Stage) | I Got 99 Problems but a WAF ain’t one |
1115 - 1130: | - | Break |
1130 - 1230: | Penelope Rozhkova (On Stage) | Code Hedgehogs - Changing the "S" in SDLC to Secure |
1230 - 1300: | - | Lunch - Pizza |
1300 - 1400: | Deral Heiland (On Stage) | A Look at Cellular Services in IoT technology |
1400 - 1500: | Edmund Brumaghin (Virtual) | Chats, Cheats, and Cracks: Abuse of Collaboration Platforms in Malware Campaigns |
1500 - 1515: | - | Break - Cake Cutting Ceremony |
1515 - 1615: | Matt Scheurer (On Stage) | Lend me your IR's! |
1615 - 1630: | OISF President (On Stage) | Closing Remarks |
Red team is a commonly misunderstood offensive security discipline. Red team has been used as a general term for all areas of offensive security just as blue team for defensive security. True red teaming goes Beyond Pentesting and into more adversarial emulation. While there are overlapping skills, there are differences that will be discussed as Phillip shares his experience of going from a pentester to a red teamer. In this talk, you will learn about the different areas that make up red team operations, common tools, and the path to becoming a red teamer. In this presentation, you will learn about resources helpful for a path into red teaming.
Phillip Wylie is a Senior Cloud Penetration Tester in the banking industry, Adjunct Instructor at Dallas College, and The Pwn School Project founder. Phillip has over 23 years of experience with the last 9 years spent as a pentester. His passion for mentoring and education motivated him to start teaching and founding The Pwn School Project a monthly educational meetup focusing on cybersecurity and ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Dallas College in Dallas, TX. Phillip is the concept creator and co-author of "The Pentester Blueprint: Starting a Career as an Ethical Hacker". He is the host of "The Hacker Maker" podcast.
Deploying a Web Application Firewall (WAF) is the hardest IT Security project I ever completed. It requires implicit trust and support between IT Security and App Dev. A WAF project demands networking, traditional IT Architecture, Cloud Architecture, and App Development skills. Join me as I discuss the challenges, the ‘short cuts’, and the tips and tricks I learned as I deployed over 30 WAFs in under 3 months.
Micah K Brown is a member of the IT Security Engineering team at American Modern Insurance, part of the Munich RE Group. Over the past four years he has served as the lead Engineer on the DLP implementation for Data Loss Prevention for the Munich RE organizations located in North and South America. In this role Micah has learned the many intricacies of what works in a successful DLP project. In his free time, Micah serves on the Greater Cincinnati ISSA Chapter as Vice President. Micah graduated from the University of Cincinnati and holds an active CISSP.
Secure Software Development is a shift-left effort aiming to identify security vulnerabilities early on in the development lifecycle. The take-aways for this talk will be ideas on how to engage developers in shifting the security posture of their organizations through secure coding with a simple analogy, concrete steps at each phase of the SDLC, and fun ways to learn how to do it. We will begin with a quick review on how to integrate secure coding at each step of the Software Development Life Cycle. Next we will discuss the top application vulnerabilities and mitigation techniques to defend against known attacks. Then we will also discuss the three approaches to threat modeling. Finally we will wrap things up with recommendations on how to try your hand on the other side through gamified Red Team challenges where coding skills give you a decided advantage.
Penelope Rozhkova is an experienced CyberSecurity Professional and an avid learner passionate about all things cyber. She has two Bachelor's and a Master's in other fields, and now a degree in Cyber Security & Information Assurance. She is active in the Black Hills Information Security community where she has been appointed to their "Friends of BHIS" designation, lovingly known as the Nerd Herders. You might even stumble upon cameo appearances on their newscast or Back Doors & Breaches demos found on YouTube or Twitch. An educator at heart, she is excited to share her expertise with audiences whenever given the opportunity. Penelope has CompTIA Security+ and CySA+ certifications and most recently was an adjunct instructor at Northern Kentucky University's NSA/NSF GenCyber Camp.
With the substantial growth of Internet of Things (IoT) technology continuing, from Industrial, Enterprise, Medical, Consumer to Transportation IoT, there has been an expanding need to connect these devices no matter where they may be located. To solve this problem, we have cellular technology to the rescue. During this presentation we will be discussing various types of cellular service most often seen in use by IoT technology. We will be reviewing potential security risk, and impact, along with an examination of the various vendors, and products at the component level that are available. Also, I will be discussing various methods and concepts on how to approach evaluating the security of devices leveraging cellular technology.
Deral Heiland CISSP, serves as a Principal Security Researcher (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 15+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, Blogs, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack in Paris. Deral has been interviewed by and quoted by multiple media outlets and publications including ABC World News Tonight, Cheddar TV, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.
The COVID19 pandemic has led to significant changes in how many organizations conduct business. The widespread adoption of remote working arrangements has caused many organizations to increasingly rely on collaboration platforms like Discord and Slack to enable employees to communicate more effectively. Attackers have recognized this and have begun leveraging these platforms for nefarious purposes as well. This presentation will discuss how attackers are using collaboration platforms throughout various stages of their malware attacks and what organizations can do to defend against these attack techniques.
Edmund Brumaghin is a threat researcher with Cisco Talos. He has spent the past several years protecting environments across a number of different industries including nuclear energy, financial services, etc. He currently spends his days hunting malware and analyzing various threats as they emerge and continue to evolve. In his time with Talos he has researched ransomware and other threats being distributed using various attack vectors. He has also worked to expose large scale malware campaigns and raise awareness of security threats observed across the threat landscape.
Have you ever felt compelled to tip your cap to a malicious threat actor? Protecting systems and networks as a tech defender means withstanding a constant barrage of unsophisticated attacks from automated tools, botnets, crawlers, exploit kits, phish kits, and script kiddies; oh my! Once in a while, we encounter attacks worthy of style points for creativity or new twists on old attack techniques. This talk features live demo reenactments from some advanced attacks investigated by the presenter. The live demos showcase technical deep dives of the underpinnings from both the attacker and investigator sides of these attacks. Attendee key takeaways are strategies, freely available tools, and techniques helpful during incident response investigations.
Matt Scheurer works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR), and is a show host for the ThreatReel Podcast. Matt has more than twenty years of combined professional experience in Information Technology and Information Security. He is the Security Director for the Cincinnati Networking Professionals Association (CiNPA). He is a "Hacking is NOT a Crime" Advocate, volunteers as a technical mentor for the Women's Security Alliance (WomSA), and is a 2019 comSpark “Rising Tech Stars Award” winner. Matt has presented on numerous Information Security topics at many technology meetup groups and prominent Information Security conferences across the country.
Please join the Ohio Information Security Forum for an in-person or virtual meeting (a simulcast of the in-person meeting).
When:
7:00PM via Google Meet
Meeting Link:
https://meet.google.com/vib-qmje-bkv
Meeting Phone Number:
+1 417-344-8736 (PIN: 186666675)
When:
The meeting is at 7:00PM with a social period from 6:30PM-7:00PM.
Pizza and refreshments will be served.
Where:
Ashford Center, 4141 Colonel Glenn Hwy, Beavercreek, OH 45431 (Suite 202B, Conference Room on 2nd Floor)
COVID-19 Safety Measures:
We will be following Ohio Department of Health's guidelines where masks will be required unless you are fully vaccinated. Honor system in place, we will not be asking your status.
7:00PM
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
During this presentation we will be discussing the risk and impact related to the improper disposal of embedded technology devices. I will be covering how malicious actors can scrape critical data from these devices, which could then lead to compromise of your personal or business networks. During this presentation we hope to have an open and free flow of ideas focusing on the risk, how it's done, and how do we potentially avoid these issues.
Deral Heiland CISSP, serves as a Principal Security Researcher (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 15+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, Blogs, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by multiple media outlets and publications including ABC World News Tonight, Cheddar TV, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.
A brief overview of the Ohio Information Security Forum.
By: Jason Kinder
A brief overview of the Ohio Information Security Forum.
By: Matt Scheurer
Prior to the Thursday meeting, click on this link, Workshop Download, to download and set up the workshop lab that will accompany Matt's presentation.
A brief overview of the Ohio Information Security Forum.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
Registration is required (see link).
A brief overview of the Ohio Information Security Forum.
By: Gilmer Smith
Reverse Engineering:
https://github.com/The-Art-of-Hacking/h4cker/tree/master/reverse_engineering
https://github.com/tylerha97/awesome-reversing
IDA:
https://www.hex-rays.com/products/ida/
Radare2:
https://www.radare.org/n/radare2.html
Ghidra Keybindings:
https://github.com/JeremyBlackthorne/Ghidra-Keybindings
Humble Bundle:
Humble Bundle: Hacking 101
The Ghidra Book: The Definitive Guide
No Starch Press
Amazon
Food and drinks served
A brief overview of the Ohio Information Security Forum.
Understanding and Getting Started with JupyterLab
It is also available in the Archives.
A brief overview of the Ohio Information Security Forum.
By: Dale Shelinbarger
OISF will be conducting its monthly meeting virtually this coming Thursday, July 9th @ 7:00p.m. EDT. Please see the below information to join us in our continued effort to provide you with the latest trends to secure our digital world.
Date: July 9, 2020
Time: 7:00 PM Eastern Time (US and Canada)
Meeting Link: https://meet.google.com/ehs-hhaz-bdg
Join by phone: +1 210-951-9595 (PIN: 603777420)
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
This presentation will introduce attendees to the processionals of recovering file systems from data extracted from NAND flash chips. As part of this session we will be discussing and demoing the tools, methods and common processes for successfully recovering data.
OISF will be conducting its monthly meeting virtually this coming Thursday, June 11th @ 7:00p.m. EDT. Please see the below information to join us in our continued effort to provide you with the latest trends to secure our digital world.
Date: June 11, 2020
Time: 7:00 PM Eastern Time (US and Canada)
Meeting Link: https://meet.google.com/qdf-ijdu-bfa
Join by phone: +1 423-657-0094 (PIN: 288437022)
A brief overview of the Ohio Information Security Forum.
By: John Carls
By: All
Sticking to the Governor’s and the CDC’s recommendations on social distancing, OISF will be conducting its monthly meeting virtually this coming Thursday, May 14th @ 7:00 p.m. EDT. Please see the information below to join us in our continued effort to provide you with the latest trends to secure our digital world.
We apologize for canceling in March and April, but this whole COVID-19 thing has all of us struggling with how to get things back to some sense of normalcy.
Date: Thursday, May 14th
Time: 7:00PM EDT
Meeting Link: https://us04web.zoom.us/j/75347438278?pwd=WHNLczk4NlNhYVFsY1JJTkgwdzlrUT09
Meeting ID: 753 4743 8278
Password: 7wtTQb
A brief overview of the Ohio Information Security Forum.
By: Dale Shelinbarger
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Carls
By: Paul Hankins
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Roberts
By: John Roberts
By: John Carls
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Carls
By: All
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Charles Monett
By: All
A chance for anyone to present on random subjects.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Carls
By: Paul Hankins
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: All
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Charles Monett
By: Dale Shelinbarger
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Paul Hankins
By: John Carls
July 13th 9:00AM - 5:00PM EST
Miami Valley Research Park
1900 Founders Drive
Suite 100
Dayton, Ohio 45420
Time | Speaker | Event |
---|---|---|
9:00 AM | Charles Monett/Paul Hankins | Checkin for Attendees and Breakfast |
9:30 AM | Dr. John Carls/Paul Hankins | Introduction |
9:45 AM | Deral Heiland | Uboot to Root |
10:45 AM | Robert Stewart | A Discussion of Secrets |
11:45 AM | Break for lunch - pizza provided on site by OISF | |
1:00 PM | Matt Scheurer | Continuous Skills Improvement for Everyone |
2:00 PM | Micah Brown | DLP Demystified |
3:00 PM | Dr. John Carls/Paul Hankins | Break for Dessert/Prize Giveaway |
3:30 PM | Barry Kimball | Pixel Tracking: How it’s used and abused |
4:30 PM | Dr. John Carls/Paul Hankins | Closing Remarks, Thanks, OISF Requests |
Deral Heiland CISSP, serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 8+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also conducted security research on numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, and Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including BBC, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.
As a social engineering practitioner there are many tricks I use to gain access to facilities, and ways that I coerce individuals into helping me achieve my goals along the way. We'll be talking about some of these tricks, tactics, and techniques to hopefully make my life harder and your security better.
Robert Stewart is a Security Consultant for Rapid7, working on engagements that range from network, web application, and mobile to electronic social engineering and physical social engineering penetration tests. 'I break into things for a living, let's talk about it.'
Matt Scheurer serves as Chair of the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG) and works as a Systems Security Engineer in the Financial Services industry. Matt is also a Bugcrowd Ambassador. He holds a CompTIA Security+ Certification and possesses multiple Microsoft Certifications including MCP, MCPS, MCTS, MCSA, and MCITP. He has presented on numerous Information Security topics as a featured speaker at many local area technology groups and large Information Security conferences primarily across the Ohio, Indiana, and Kentucky Tri-State. Matt maintains active memberships in a number of professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), Information Systems Security Association (ISSA), and InfraGard.
https://twitter.com/micahkbrown
Data breaches have become a common fixture of our daily lives. Executives are paying closer attention to their organization’s security posture and funding projects aggressively. Often these projects involve a rollout of flashy new technology and / or devices. These solutions are sold, marketed, and deployed as silver bullet solutions. Technologies such as DLP are open sandbox tools that allow a company to build policies around how data can be stored, processed, and transmitted. It is very easy for a company to focus solely on standing up a DLP environment and not provide value to the business.
Micah K Brown is a member of the IT Security Engineering team at American Modern Insurance, part of the Munich RE Group. Over the past four years he has served as the lead Engineer on the Data Loss Prevention (DLP) implementation for the Munich RE organizations located in North and South America. In this role Micah has learned the many intricacies of what works in a successful DLP project. In his free time, Micah serves on the Greater Cincinnati ISSA Chapter as Vice President. Micah graduated from the University of Cincinnati and holds an active CISSP.
Barry Kimball has worked with computers the majority of his life. Having studied materials engineering and computer engineering, he has worked through everything from how and what makes a chip work all the way to programming. He has worked in several fields of IT and a wide range of industries. He currently runs Cincinnati SMBA and is a member of several local security groups in the Cincinnati area.
All individuals interested in information security. This includes high school students, college students, professionals, and anyone else interested in our topics.
There is no minimum cost to attend, but there is a suggested donation of $20.
Registration will be at the door, limited to 110 attendees.
Breakfast: Bagels (subject to change)
Lunch: Pizza
Dessert: Cake (subject to change)
Drinks (throughout the day): Coffee, Soft Drinks (reg & diet), Water
6 CEU/CPEs are available for registered attendees. Request them at the end of the conference.
Sure! Contact us at info@ohioinfosec.org
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Matt Scheurer
Matt will be leading a Digital Forensics Workshop.
Needed Equipment:
Please bring a WiFi enabled laptop with an SSH client installed in order to participate in the hands-on lab exercises!
Optional Pre-work:
Matt will provide step by step instructions of the commands used during the labs. Attendees already familiar with SSH and Bash basics will be just fine. Anybody relatively new (or looking for a refresher) to Linux and / or SSH may want to brush up before the meeting.
SSH Basics Video:
https://www.youtube.com/watch?v=rfYZR6opTVg
Bash Basics Article:
https://medium.com/@jasonrigden/a-brief-tutorial-of-the-absolute-basics-of-bash-9a379c49f7a8
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Eric Renegar
By: Paul Hankins
Food and drinks served
A brief overview of the Ohio Information Security Forum.
An open discussion of recent events.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Matt Scheurer
What thoughts currently make tech defenders uneasy as they go to bed at night? Despite implementing and properly configuring the latest technological controls and security solutions into our environments, end users typically remain the most vulnerable point of entry into nearly any network. Unfortunately, only one misstep by a single user provides attackers with the foothold they need to begin compromising an entire enterprise network environment. The safety of our inboxes is a key initiative on the battlefront of protecting staff from the scourge of phishing and spear phishing attacks. We will perform a deep-dive look at the latest techniques used by criminals to bypass security products and traditional defense-in-depth strategies. We then focus heavily on conducting a digital forensic investigation on a sample phishing email message. Topics covered include technical analysis of message headers, message source code, message attachments, and malicious landing web pages even when a dedicated sandbox environment is unavailable.
Matt Scheurer is a Systems Security Engineer working in the Financial Services industry and serves as Chair of the Cincinnati Networking Professionals Association Security Special Interest Group (CiNPA Security SIG). He holds a CompTIA Security+ Certification and possesses multiple Microsoft Certifications including MCP, MCPS, MCTS, MCSA, and MCITP. He has presented on numerous Information Security topics as a featured speaker at many local area technology groups and large Information Security Conferences all over the Ohio, Indiana, and Kentucky Tri-State. Matt maintains active memberships in a number of professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), Financial Services - Information Sharing and Analysis Center (FS-ISAC), and Information Systems Security Association (ISSA).
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Jerod Brennen
By: Zechary Carls
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: All
A light-hearted and humorous series of short presentations.
By: John Carls & Paul Hankins
An interesting topic relating to information security
Place: The Wandering Griffin, 3725 Presidential Dr, Beavercreek, OH 45324
Time: 6PM-9PM
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Carls
Recap of this year's DerbyCON.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Sarah Ashton
By: TBA
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Carls
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Paul Hankins
By: Sarah Ashton
July 14th 9:00AM - 5:00PM EST
Miami Valley Research Park,
1900 Founders Drive
Suite 100,
Dayton, Ohio 45420
Registration has closed.
Time | Speaker | Event |
---|---|---|
9:00 AM | Checkin for Registered Attendees and Breakfast | |
9:30 AM | Dr. John Carls | Introduction |
9:45 AM | Robert Stewart | Catching the Social Engineer |
10:45 AM | Jerod Brennen | Hacking Identity, A Pen Tester’s guide to IAM |
11:45 AM | Break for lunch - pizza provided on site by OISF | |
1:00 PM | Matt Scheurer | Active Defense: Helping the Threat Actors Hack Themselves |
2:00 PM | Deral Heiland | Hardware Hacking, Ginsu Chef Style |
3:00 PM | Break for Dessert | |
3:30 PM | Tim Wright | Presentation TBA |
4:30 PM | Closing Remarks, Thanks, OISF Requests | |
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Carls
By: Paul Hankins
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Charles Monett
By: Matt Scheurer
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
By: John Carls
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Charles Monett
A continuation of the pfSense Basics series, with a focus on Remote Access VPNs.
By: Paul Hankins
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Carls
By: All
Open Discussion on Current Events
Food and drinks served
A brief overview of the Ohio Information Security Forum.
This presentation will cover some of the basics about pfSense, along with installation, configuration, and other demos.
By: All
A discussion of relevant current events, starting with Meltdown & Spectre.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Everyone (including us)
This year, we'll be prepping a number of slide decks for volunteers to present. No preparation or knowledge necessary! Some decks are serious, some are funny, most are completely ridiculous. Be sure to join us for a really fun meeting.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Sarah Ashton
By: Matt Scheurer
Writing Regular Expressions (Regex) is a versatile skill set to have across the IT landscape. Regex has a number of information security related uses and applications. We are going to provide an overview and work through examples of writing Regex as a group for pattern matching and file content analysis using sample threat feed data in this presentation. Along with a healthy dose of motherly advice, we cover Regex syntax, character classes, capture groups, sub-capture groups and quantifiers. Whether Regex is something completely new or worth brushing up on, this talk is geared toward you.
Matt Scheurer is a Systems Security Engineer working in the Financial Services industry. Matt holds a CompTIA Security+ Certification and possesses a number of Microsoft Certifications including: MCP, MCPS, MCTS, MCSA, and MCITP. Matt has presented on numerous Information Security topics as a featured speaker at a number of area Information Security meetup groups. Matt also had notable speaking engagements as a presenter at DerbyCon 5.0, DerbyCon 7.0, and the 10th Annual Northern Kentucky University Cyber Security Symposium. Matt maintains active memberships in a number of professional organizations including the Association for Computing Machinery (ACM), Cincinnati Networking Professionals Association (CiNPA), and Information Systems Security Association (ISSA). Matt is a regular attendee at monthly Information Security meetings for 2600, the CiNPA affiliated Security Special Interest Group (CiNPA Security SIG), Ohio Information Security Forum (OISF), and Cincinnati Security MBA (SMBA).
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: All
Discussion on current information security related events.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: All
A discussion about the recent Equifax breach.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Hermes
By: All
A discussion of current-day topics relating to information security.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
Note: This is the third part of a multi-month exercise. Bring your notes, tools, and perhaps a laptop.
Deral Heiland CISSP, serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 8+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also conducted security research on numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, and Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including BBC, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.
By: All
A discussion of current-day topics relating to information security.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Robert Stewart
A talk on social engineering and physical security.
By: ALL
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
Note: This is the second part of a multi-month exercise. Bring your notes.
During this multi-month group exercise we will be examining an IoT-based product. We will methodically step through each part of this product's ecosystems (Mobile, Cloud, Hardware, Communication) to understand how it functions, search for vulnerabilities and determine how an attacker could potentially exploit it.
Deral Heiland CISSP, serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 8+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also conducted security research on numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, and Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including BBC, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.
By: TBA
Food and drinks served
By: Tom Webster
With the huge obsession with various messaging platforms out there, I wondered if I could roll my own based on XMPP, but do so securely. Follow my trials, errors, and frustrations as I dig through XMPP and try to deploy a modern messaging service using an antiquated standard.
Tom Webster is just a tech guy who rants about virtually everything. He's constantly breaking, fixing, and researching things as well as ranting over at SamuraiLink3.com and Twitter.
By: Everyone
Tim Wright presented on Planning and Executing a Red Team Engagement. You can grab the slides right here.
OISF lives on your donations. Shake down your boss: Become a donor today. OISF is a 501c3 organization and donations are tax deductible. For more information, email info@ohioinfosec.org.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
During this multi-month group exercise we will be examining an IoT-based product. We will methodically step through each part of this product's ecosystems (Mobile, Cloud, Hardware, Communication) to understand how it functions, search for vulnerabilities and determine how an attacker could potentially exploit it.
Deral Heiland CISSP, serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 8+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also conducted security research on numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, and Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including BBC, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Hermes
Familiarity and complacence administering the Windows platform lead to some nasty surprises while managing Microsoft's Active Directory in the Windows 10 era.
Organizations world-wide were caught by surprise during the summer of 2016 when Microsoft released patches to address critical security vulnerabilities and made significant changes to both group policy (GP) processing and print driver enforcement. Here is a first-person account from a distracted, overworked and reluctant Windows administrator who didn't see it coming.
First, we'll take a quick tour of GP basics and examine the security issue that forced changes to how they're applied. Next, we'll look at flipping our perspective on permissions for deploying effective policies. Finally, we'll take a look at the Vista-era printer driver model that was effectively ignored by some big vendors - until Microsoft made it mandatory. We'll see why some big-name printers still refuse to deploy and then learn the surprisingly simple way to bypass these new restrictions.
John Hermes is a prestigious board member for OISF and all around awesome dude. When John isn't teaching the world how to be better attackers and defenders, he's policing and securing networks all over.
By: Everyone
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Evan Anderson
This talk is a review and demonstration of an inexpensive hardware security module, the Nitrokey HSM. We examine the practical concerns encountered using this module in a PKI/code signing system we developed for a client. We will demo using the device to create an HSM-backed certification authority with open source tools. This sub-$100 device puts a very functional HSM well within the financial reach of small business and individuals.
Evan Anderson has worked in contract IT services since 1998. He is currently a partner in Wellbury Information Services of Dayton, OH. His infosec-related work includes security architecture reviews, application and network penetration testing, and training clients in financial, medical, and public policy sectors.
By: Tom Webster
The first step to securing your environment is to know that things are configured properly, from firewall rules to your ssh configuration. Oh, you set those up years ago? Think they're all the same across all of your servers? What about that one time you changed that one thing when trying to fix an issue, did you ever go back and re-secure your configs?
In this talk, I'll walk you through the very basics of Ansible and how you can use it to get your environment configured and keep it in check. I'll focus mainly on Ansible set up, ssh configuration, and iptables rules.
Tom Webster is a Linux Sysadmin at Cincinnati Bell and part of the board for the Ohio InfoSec Forum. He's constantly breaking, fixing, and researching things as well as ranting over at SamuraiLink3.com and Twitter.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
It's that time of year, again! Just like we did last year, we'll be prepping a number of slide decks for volunteers to present. No preparation or knowledge necessary! Some decks are serious, some are funny, most are completely ridiculous. Be sure to join us for a really fun meeting.
We had a very interesting discussion on how to secure CubeSat communications. Here are those notes:
Limitations:
Good things:
Thoughts on securing the communications channel:
Other notes:
Food and drinks served
This meeting will be held in the big auditorium this month! Same building, same time.
A brief overview of the Ohio Information Security Forum.
By: Charles Monett
In this presentation, we will take a look at the inner workings of networked cameras and highlight relevant security issues.
In addition to refining his own surveillance system and volunteering for OISF, Charles has additional interests in UNIX, Python, and networked devices. For 4 years, Charles worked at Dayton Daily News in an IT support capacity.
In 2015, he earned a Management Information Systems degree from Wright State University and was inducted into the Beta Gamma Sigma Honor Society.
By: Everyone
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Robert Stewart, Security Analyst @ Rapid7
As a pentester I work with customers to identify their goals and expectations of an internal assessment. Generally, these goals and expectations boil down to, ‘what can an attacker with access to the internal network achieve?’. We typically consider an attacker without any access, or an average user being able to elevate their privileges to Domain Administrator (DA) as full compromise. Surprisingly, most of the internal assessments I’ve done are composed of several steps to achieve DA access.
In this presentation I will walk through those steps and show what can be achieved when a user has no access to the network, starting with gaining access to a user account and then moving laterally through the network to compromise Active Directory (AD).
I’ve worked in most areas of Information Technology for the past twelve years, most recently hacking all the things.
By: Everyone
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Tom Webster
Bad code or compromises in one site can affect other sites on the same system. In this talk, I'll explain how that happens and how BSD Jails can help prevent tragedy. This will be very demo-heavy.
Tom Webster is a Linux Sysadmin at Cincinnati Bell and part of the board for the Ohio InfoSec Forum. He's constantly breaking, fixing, and researching things as well as ranting over at SamuraiLink3.com and Twitter.
By: Everyone
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Charles Monett
Things go bump in the night. Something goes missing. We want to know why. In this presentation, we discuss how to design and set up a networked surveillance system. A dual emphasis will be provided on security and privacy - often overlooked concerns.
In addition to refining his own surveillance system and volunteering for OISF, Charles has additional interests in UNIX, Python, and networked devices. For 4 years, Charles worked at Dayton Daily News in an IT support capacity.
In 2015, he earned a Management Information Systems degree from Wright State University and was inducted into the Beta Gamma Sigma Honor Society.
By: Everyone
July 9th 8:00AM - 5:00PM EST
Miami Valley Research Park 1900 Founders Drive Suite 100 Dayton, Ohio 45420
Start | End | Event |
---|---|---|
8 AM | 8:45 AM | Registrations and Breakfast |
8:45 AM | 9 AM | Introduction |
9 AM | 10 AM | Adrian Crenshaw |
10:15 AM | 11:15 AM | Tim Wright |
11:30 AM | 12:30 PM | Jason Samide |
12:30 PM | 1:30 PM | Lunch |
1:30 PM | 2:30 PM | Dino Tsibouris and Mehmet Munur |
2:45 PM | 3:45 PM | Joel Cardella |
3:45 PM | 4 PM | Cake |
Adrian Crenshaw has worked in the IT industry for the last seventeen years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools. He did the cert chase for a while (MCSE NT 4, CNE, A+, Network+, i-Net+) but stopped once he had to start paying for the tests himself. He holds a Master of Science in Security Informatics, works for TrustedSec as a Senior Security Consultant and is one of the co-founders of Derbycon.
Recently, several padlocks have come on the market that use a smartphone to unlock them instead of a key. This talk will cover these locks, potential bypasses and attack vectors as well as provide information on Bluetooth low energy. Locks covered will be the Quicklock, Noke, Master Lock 4401DLH and perhaps a few others.
Dino Tsibouris is the founding principal of the law firm Tsibouris & Associates, LLC, which is recognized as a Tier 1 firm in Information Technology Law by US News’ Best Law Firms. His practice concentrates in the area of technology and intellectual property law with specific focus on electronic commerce, online financial services, software licensing, and privacy law. In addition, Mr. Tsibouris' practice includes the implementation of electronic signatures, records management and information security. He was previously an attorney with Thompson Hine LLP and a Vice President and Counsel for e-Commerce and Technology at Bank One Corporation (now JPMorgan Chase). He has conducted CLE and trade association presentations on various e-banking and e-commerce matters, and participated in many regulatory and industry task forces addressing new legislation.
Mehmet Munur is a Partner at Tsibouris & Associates, LLC. He concentrates his practice in the areas of technology law, data privacy and security, and financial services. Before becoming a partner at Tsibouris & Associates, LLC, Mehmet was an attorney at IBM focusing on technology law, software licensing and services, information privacy and security, and product development.
Dino Tsibouris and Mehmet Munur will be presenting on a lawyer’s perspective on data security. They will discuss data security breaches and trends in 2016, federal and state regulators’ perspective on data security, and developing international privacy issues.
Mr. Samide has worked in Information Technology for the past 12 years focusing on Fortune 500 companies to include financial, manufacturing, healthcare, technology as well as State Government and the Department of Defense. For the past eight years specializing in information security initiatives, each job has brought its own perspective with each experience building upon the next.
Jason has focused his career towards cyber security and managed security programs and continues to hone his skills through researching technologies and his involvement with various security groups around the region. Mr. Samide serves as Stealthcare’s Vice President of its Cyber Intelligence Division and provides IT and security services to Stealthcare’s broad corporate client base across the US, Canada, and abroad.
While technology is a method of enforcing policies, Jason understands the business side of technology having earned his Master’s Degree in Business Administration. Jason is passionate and driven to provide secure solutions to some of the most challenging environments facing Stealthcare’s clients today. He is a Certified Information Systems Security Professional (CISSP) and has obtained multiple Microsoft and Cisco certifications.
Mr. Samide graduated from Cleveland State University with a Bachelor’s Degree in Finance and Masters of Business Administration from Cleveland State University.
2016 Predictions and How History repeats itself
Joel Cardella has over 24 years of experience in information technology, having run a gamut from network operations, sales support, data center management, field operations and information security. He has worked in industries including telecommunications, healthcare and manufacturing. Prior to Rapid7 he held the role of Regional Security Officer for North America for a multinational manufacturing company.
As a former CISO, he helps C-suite executives better interact on information security topics. He also helps organizations build and run security programs, manage risk, and increase their security maturity posture. As a public speaker he has presented at security conferences across North America, Infragard, and US Army TACOM LCMC. He is an instructor at Eastern Michigan University teaching business-focused IT and network security, and holds a Masters Degree in Organizational Leadership. Joel is an ISACA Certified Information Security Manager (CISM).
This presentation will discuss the product of nearly a year’s worth of opportunistic credential scanning data collected from Heisenberg, Rapid7’s public-facing network of low-interaction honeypots. Instead of focusing on the passwords that end users typically pick, with this data we can see what opportunistic scanners are using in order to test, and likely compromise, Internet-connected point of sale (POS) systems, kiosks, and scamware-compromised desktop PCs which offer the Remote Desktop Protocol (RDP) service for remote management.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Hermes
Ever wonder how to use Wireshark? Here's the basic introduction to one of the most popular network analysis tools around.
John Hermes is a prestigious board member for OISF and all around awesome dude. When John isn't teaching the world how to be better attackers and defenders, he's policing and securing networks all over.
By: Everyone
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Tom Webster
A brief look into Tor hidden services and how to run your very own hidden website!
Tom Webster is a Linux Sysadmin at Cincinnati Bell and part of the board for the Ohio InfoSec Forum. He's constantly breaking, fixing, and researching things as well as ranting over at SamuraiLink3.com and Twitter.
By: Everyone
6:00pm:
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
During this presentation we will be demonstrating how to use available tools such as JTAGulator to identify UART and JTAG connections on an embedded device. Once identified, we will be using another tool called Shikra to establish a console connection to the device for further examination. We will also be discussing basic soldering techniques and internet resources available for hardware hacking.
Deral Heiland serves as a Research Lead for Rapid7 Global Service. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst.
By: Timothy Wright and Stephen Halwes
During this talk we will be discussing hardware reverse engineering and why this is becoming a new way for attackers to compromise company networks. We will discuss how vendors are now leaving potentially malicious code within firmware and how some attackers could exploit these vulnerabilities. We will also discuss why it is important for companies to spend time reviewing hardware for vulnerabilities prior to deploying the systems within your company’s network and outlining a process on how to perform this work.
The presenters will outline each phase of the hardware reverse engineering assessment, outlining how to exploit various vulnerabilities that you may discover and provide a list of the software and tools that will be needed to support this work. Finally we will talk about how you should be documenting your findings for management and how to properly disclose the findings to the vendor once the test has been completed.
Timothy Wright - Penetration Testing team lead at American Electric Power in Columbus Ohio. Currently his focus is on penetration testing, threat emulation and hardware reverse engineering. Tim has 19 years of IT experience with a focus on offensive security testing. He is a member of the independent research group nullbyte (http://www.nu11byte.com) which works on many projects from embedded security to various CTF’s and events. You can hit him on Twitter @redteam_hacker.
Stephen Halwes - Cyber security researcher at PreTalen Ltd. in Beavercreek Ohio. Currently his focus is on embedded hardware and software reverse engineering. Stephen has 6 years of IT experience with a focus on offensive security testing. He is a member of the independent research group nullbyte (http://www.nu11byte.com) which works on many projects from embedded security to various CTF’s and events. You can hit him on Twitter @genonullfree.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Tom Webster
Now that you've got a basic pfSense install up and running, I'll teach you how to safely allow remote access and set up whole-home VPN.
Tom Webster is a Linux Sysadmin at Cincinnati Bell and part of the board for the Ohio InfoSec Forum. He's constantly breaking, fixing, and researching things as well as ranting over at SamuraiLink3.com, his Google Plus profile, and Twitter.
By: Everyone
Discuss current events in InfoSec! And by 'current events', I mean Apple.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Tom Webster
Get rid of your Linksys and take control of your network. In this demo-heavy presentation, I'll walk you through basic pfSense installation and configuration.
Tom Webster is a Linux Sysadmin at Cincinnati Bell and part of the board for the Ohio InfoSec Forum. He's constantly breaking, fixing, and researching things as well as ranting over at SamuraiLink3.com, his Google Plus profile, and Twitter.
By: Everyone
Discuss current events in InfoSec!
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Paul Hankins
By: Everyone
Discuss current events in InfoSec!
Food and drinks served
A brief overview of the Ohio Information Security Forum.
It's that time of year, again! Just like we did last year, we'll be prepping a number of slide decks for volunteers to present. No preparation or knowledge necessary! Some decks are serious, some are funny, most are completely outrageous. Be sure to join us for a really fun meeting.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Eric Renegar
An introductory look into Nmap for beginners. This presentation will explain how Nmap leverages TCP/IP protocol to explore networks and the devices connected to them. Then use Nmap to conduct ping sweeps, port swings, and stealth port scans.
Eric Renegar is an Assistant Professor at Sinclair Community College and has 11 years of experience working in IT. He teaches A+ Certification, Networking and user support.
By: Everyone
Discuss current events in InfoSec!
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Tom Webster
Mr. Robot is a great show, but how accurate is it really? In this non-technical talk, you may just learn a thing or two.
Tom Webster is a Linux Admin at Cincinnati Bell. He’s constantly breaking, fixing, and researching things as well as ranting over at SamuraiLink3.com. Tom has a secret love of cooking while wearing Google Glass and can make a damn good pot roast.
By: TBA
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Dan Wilkins
A complete introduction to Kali Linux, the number one pentesting Linux distribution. This talk will be the foundation for many of the tools we talk about in future meetings. Really cool stuff!
By: Virgil Văduva
A discussion on the current landscape of State surveillance, crypto, and new tools aimed at subverting surveillance and helping activists meet their goals. In addition, I'll discuss two new tools I am working on, the Cell platform and the Cell 411 app I released about a month ago.
Virgil is the founder of 614con, he writes and speaks on security topics and has over 18 years of security experience in corporate America. Currently he is taking time off from security work to learn how to make the best soy sauce in the world, develop mobile apps and think of new ways to help activists stay out of trouble.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Robby Stewart
Brief history of Knox and its benefits and failures.
While Robby isn't running, trekking through the wilderness, or challenging the essence of nature itself, Robby spends his time as a security professional. Robby battles malware, locks down networks, and teaches grandmothers about password security. He has given many talks at OISF over the years and always has something cool to teach.
By: Everyone
July 11th 8:00AM - 5:00PM EST
Miami Valley Research Park 1900 Founders Drive Suite 100 Dayton, Ohio 45420
Get listed as an official sponsor of the Ohio InfoSec Forum on our Sponsors Page and on our monthly slide deck!
Start | End | Event |
---|---|---|
8 AM | 8:45 AM | Registrations and Breakfast |
8:45 AM | 9 AM | Introduction |
9 AM | 10 AM | Ben Ten |
10:15 AM | 11:15 AM | Dave Kennedy |
11:30 AM | 12:30 PM | Adrian Crenshaw |
12:30 PM | 1:30 PM | Lunch |
1:30 PM | 2:30 PM | Phil Grimes |
2:45 PM | 3:45 PM | Dino Tsibouris |
3:45 PM | 4 PM | Cake |
Dave Kennedy is founder of TrustedSec and Binary Defense Systems. Both organizations focus on the betterment of the security industry from an offense and a defense perspective. David was the former Chief Security Officer (CSO) for a Fortune 1000 company where he ran the entire information security program. Kennedy is a co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the Social-Engineer Toolkit (SET), and Artillery. Kennedy has been interviewed by several news organizations including CNN, Fox News, MSNBC, CNBC, Katie Couric, and BBC World News. Kennedy is the co-host of the social-engineer podcast and on a number of additional podcasts. Kennedy has testified in front of Congress on two occasions on the security around government websites. Kennedy is one of the co-authors of the Penetration Testing Execution Standard (PTES); a framework designed to fix the penetration testing industry. Kennedy is the co-founder of DerbyCon, a large-scale conference in Louisville Kentucky. Prior to Diebold, Kennedy was a VP of Consulting and Partner of a mid-size information security consulting company running the security consulting practice. Prior to the private sector, Kennedy worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.
It seems that businesses are truly struggling with how to handle the threats we face as organizations when it comes to information security. From breach to breach, the techniques seem similar yet they completely rip through everything we’ve tried to protect against. As an industry, we’re fighting to define ourselves in a manner where we can actively combat the different demographics we see from attackers. This presentation will walk through what we face as organizations, both politically as well as an industry. Information security isn’t a technology problem – it’s a social issue. Until we recognize that, we will continue to see the continued breaches year after year as we continue to battle (and lose) the same types of attacks. There’s a lot of talk inside the industry on technical controls, products, adversarial simulation, and more for strengthening our defenses. These couldn’t be further away from what we really need to combat these types of attacks. This talk will also be demonstrating effective measures to combat some of the main techniques attackers use in order to attack an organization.
Phil Grimes is a parent, biker, and Information Security Professional with experience in providing security assessments and penetration testing services to organizations ranging from small businesses, financial institutions, e-commerce, telecommunications, manufacturing, education and government agencies, as well as international corporations. Phil started working with network and Internet security as a hobby harassing AOL in the late 1990’s, developing his technical skill set independently until joining the professional security industry in 2009. After a change in career trajectory in 2012, vulnerability research and exploit development became a main focus of attention. Phil’s experience in application security, penetration testing, mobile/Smart Phone security, and social engineering has proven successful in assessments for high profile customers both domestically and around the globe. An accomplished speaker and presenter, Phil has engaged on various topics for notacon, CUISPA conferences, OWASP meetings, and at the Central Ohio ISSA InfoSec Summit in addition to various other speaking appearances to a wide range of audiences.
With growing trends in globalization, the Information Technology bundle of industries continue to be saturated with bodies and starving for talent at the same time. In this session, hear the perception of a basement hacker turned IT professional about learning how to learn, the challenges of growing up in "the underground", and bridging the gap into the professional arena; and members of the Reynoldsburg High School Cyber Patriot team who are forging their skills and identities within the Information Security crowd. We have to grow beyond "turning it off and then turning it back on again". Fostering the growth of talented kids is vital to strengthening the ranks of industry roles in the future by getting involved and engaging them on their turf. This is a high-level discussion on how we (and our peers) view, interact with, and take part in watering the fruit of tomorrow's IT Crowd.
Dino Tsibouris is the founding principal of the law firm Tsibouris & Associates, LLC. His practice concentrates in the area of technology and intellectual property law with specific expertise in electronic commerce, online financial services, software licensing, and privacy law. In addition, Mr. Tsibouris' practice includes the implementation of electronic signatures, records management and information security. He was previously an attorney with Thompson Hine LLP and a Vice President and Counsel for e-Commerce and Technology at Bank One Corporation (now JPMorgan Chase). He has conducted CLE and trade association presentations on various e-banking and e-commerce matters, and participated in many regulatory and industry task forces addressing new legislation.
Please read Dino's full bio.
Dino Tsibouris and Mehmet Munur will be presenting about the lawyer’s perspective on data security breaches and recent developments and trends in data security breaches. They will also discuss issues relating to managing and responding to data security issues in the cloud. They will also talk about addressing security and data breach related issues with vendors in contracts.
Ben Ten is a Senior Security Consultant. He has over 14 years of experience doing Application & Web Development; Security Implementation, Consulting, & Training; Federal Regulation and Compliance oversight in relation to Information Technology (HIPAA, HITECH, PCI); and managing a team of developers and IT professionals. He is the creator of the PoshSec Framework. He also runs the BSides Joint Task Force CTF, is an active board member of Secure Chicago, LLC, and works with the PoshSec development team.
We have seen PowerShell gain attention and adoption in the last few years. People are beginning to realize that there is more to PowerShell than another scripting language. With the adoption comes more tools and resources for both the offensive and defensive sides of security. This talk is designed to give you a first hand look of using PowerShell in both an offensive attacking scenario as well as a defensive scenario. In this talk I will be focusing on the tools, methods, and techniques that are being used from both offensive and defensive mindsets. I will highlight existing tools that can be leveraged as well as teach you how to write some custom tools yourself. We will dive into the more complex ideas with PowerShell and the .NET Framework. At the end of this talk, you will learn that there are many ways to leverage PowerShell to your advantage; regardless of what color hat you wear.
Adrian Crenshaw has worked in the IT industry for the last seventeen years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools. He did the cert chase for awhile (MCSE NT 4, CNE, A+, Network+, i-Net+) but stopped once he had to start paying for the tests himself. He holds a Master of Science in Security Informatics, works for TrustedSec as a Senior Security Consultant and is one of the co-founders of Derbycon.
This talk will cover the history of passwords and password storage. We will talk about how storage of passwords has evolved over the years, screw ups in password schemes, hash types, weaknesses, etc.
Thanks for attending this year! As a gift to our generous speakers and a giveaway to a random attendee, we're giving out Raspberry Pi 2 units in a custom-made OISF Case! You can download and print your own using this part on Thingiverse; if you're into viewing the source repository, including logo SVG, head over to GitHub. This part and all associated files are licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) License. Feel free to share, remix, download, print, and modify it as you wish. Thanks to walter for the original part!
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Deral Heiland
By: Everyone
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Charles Monett
Mobile devices, such as your phone or tablet, can say a lot about you. When you take them with you, they can say a lot more. In this presentation, you will hear about how devices, their locations, and generated network traffic describe the actions of individuals in a given area. In addition, it also discusses some possible responses one can make as a reasonable, yet privacy conscious, person. Finally, the presentation will explore other ways to interact with these kinds of environments.
Charles Monett has held a deep interest in the matters of IT and security. He currently holds a Bachelor of Science in Management Information Systems from Wright State University, and is currently a member of multiple academic honor societies (Beta Gamma Sigma, Phi Kappa Phi). Previously, he has provided technical support for a major newspaper publishing company. Over time, he has learned various forms of UNIX (OpenBSD, FreeBSD, HP/UX, AIX) and Linux. In addition, he also has gained an understanding of various servers, workstations, mobile devices, and wireless systems (802.11-based). Finally, Charles spends his spare time developing and refining web-based applications.
By: Everyone
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Tom Webster
If I can make this work, it might be cool. If I can't make it work, I'll have a different topic to talk about, probably a demo of some kind.
By: Everyone
Potential News Stories:
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: John Hermes
If you've ever wanted to watch malware in action, Cuckoo lets you analyze a software threat and helps you safely document its behavior in a virtual environment.
By: Dan Wilkins
A brief presentation on augmenting a security program using the cloud.
6:00pm:
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Jason Todd, Caesar Creek Software
Debuggers are usually helpful in dynamic analysis of software... that is, unless the software in question is malware. Your unfriendly neighborhood trojan or worm hates debuggers. On the Windows platform, there exists a selection of debuggers with various levels of "anti-anti-debugger" capabilities. In the Linux/Unix world, where malware is becoming more common, we have little more than GDB. While GDB works pretty well for everyday debugging, when pitted against malware it's far too trusting... and vulnerable. Presented here is linja, a stealthy debugger for Linux systems. Written from the ground up to remain invisible to its targets, linja provides the same insight, control, and extensibility expected of a good debugger. This presentation will coincide with the release of linja, licensed under the GPL!
Jason Todd is a systems engineer at Caesar Creek Software in southwest Ohio (http://www.cc-sw.com). The lowest, deepest levels of software have always been his playground. From kernel subsystems (e.g. schedulers, memory management) to the intricate details of several CPU architectures (e.g. assembly language, MMU interfaces), Jason enjoys researching and experimenting within the innermost worlds of software.
By: Dan Wilkins
Come ready to discuss the cloud, horror stories and success stories. This will be highly interactive and will include a follow-up presentation the following month.
6:00pm:
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Matthew Kienow
Solo presentation of Deral Heiland and Matthew Kienow's DerbyCon 4.0 talk "Simple Network Management Pwnd" - As a large number of embedded devices are deployed throughout home and industry worldwide, we find little or no effort being made to properly secure SNMP services; as a result, potentially millions of these devices expose access to their SNMP services over the Internet. This creates a silent killer. Users are unaware as attackers can easily leverage these services to extract critical data and potentially alter security features, leading to further compromise. During this presentation we will deliver an in-depth examination of the SNMP protocol and associated device MIB security issues, covering such topics as SNMP protocols, MIB structures, and information extraction methodologies. Leveraging live demonstrations, we will also show several examples of critical data leakage, and walk the audience through methods for extracting data and performing comparative analysis for the purpose of discovering critical information stored in SNMP private MIBs.
Matthew Kienow is a software engineer and independent security researcher. He has designed, built, and successfully deployed secure software solutions, however, often enjoys breaking them instead.
By: Josh Muller
What are bitcoins and why are they valuable? How does the Bitcoin network and payment system work? How can one secure his/her bitcoin wallet? How does one buy or sell bitcoins? What are some of the implications of Bitcoin for society? These and other questions will be addressed in the presentation, “An Introduction to Bitcoin & Cryptocurrency.”
A Dayton-area network systems consultant by day and a cryptocurrency enthusiast by night, Josh has been fascinated with computers & technology from a young age. As a child, he built & rebuilt computers, and built a website for a friend’s company at the age of 12. While taking some programming classes in high school, his interests shifted towards system administration & network security, and he began working in the field of IT shortly after graduation. In college, his interests expanded towards finance & economics, and after discovering Bitcoin and other innovative digital currencies he has been a supporter of them ever since. After obtaining a bachelor’s degree in Information Systems, he began his career in IT which he continues to this day.
6:00pm:
Food and drinks served
A brief overview of the Ohio Information Security Forum.
It's that time of year, again! Just like we did last year, we'll be prepping a number of slide decks for volunteers to present. No preparation or knowledge necessary! Some decks are serious, some are funny, most are completely outrageous. Be sure to join us for a really fun meeting.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Dan Wilkins
By: Tom Webster
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Nate Power
Outlook Web Access is one of the most widely deployed web apps in corporate environments. Nate has discovered and leveraged various security holes to learn about the company's internal network as the exchange configuration.
Nate Power is a pen tester and security researcher at CDW. He's an expert at web application testing and seeking out vulnerabilities in common frameworks. He's spoken at DerbyCon, Passwords Con, and other security conventions.
By: Robby Stewart
Recap of the past few weeks and the revelations of the biggest security hole to be exposed this year!!!!! (aside from that whole openssh nonsense...) Bring your spoon because we're going to take a dip into some tasty shells (minus the cheese) and talk about how bash has gone vulnerable to a pretty big hole for some time now.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Dan Wilkins
By: Tom Webster
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Amber Gott of LastPass
Amber is the Marketing Manager at LastPass, the world's leading password manager. LastPass simplifies online life by remembering your passwords for you, filling your usernames and passwords as you login to your sites, and generating secure passwords for each of your online accounts.
Amber oversees LastPass' online communities, coordinates content development for the blog and website, and prepares and executes a range of marketing strategies.
Learn more about LastPass here.
By: Dino Tsibouris
Legal regulation
Terms of use – hidden surprises
Ownership of data
Third party issues
Public/Private/Geolocated Clouds
Audit
Privacy
Conversion at termination
Dino Tsibouris is the founding principal of the law firm Tsibouris & Associates, LLC. His practice concentrates in the area of technology and intellectual property law with specific expertise in electronic commerce, online financial services, software licensing, and privacy law. In addition, Mr. Tsibouris' practice includes the implementation of electronic signatures, records management and information security.
He was previously an attorney with Thompson Hine LLP and a Vice President and Counsel for e-Commerce and Technology at Bank One Corporation (now JPMorgan Chase).
He has conducted CLE and trade association presentations on various e-banking and e-commerce matters, and participated in many regulatory and industry task forces addressing new legislation.
Please read Dino's full bio.
July 12th 8:00AM - 5:00PM EST
Miami Valley Research Park 1900 Founders Drive Suite 100 Dayton, Ohio 45420
In order to attend this event, registration is required and is only $10. This can be done in advance through the Paypal link below:
Start | End | Speaker | Title |
---|---|---|---|
8:00 | 8:30 | Check-in and Breakfast | |
8:30 | 9:00 | Introduction | |
9:00 | 10:10 | Jerod Brennen | For the Love of God, DEFEND YOUR MOBILE APPS! Part 2 |
10:20 | 11:30 | Dave Kennedy | Looking Ahead – Changing Security Now. |
11:40 | 12:50 | Adrian Crenshaw | Lockade: Electronic Games for Locksport |
13:00 | 13:30 | Lunch | |
13:30 | 14:40 | Deral Heiland | Praeda to PraedaSploit: The embedded device data Harvesting tool for the masses |
14:50 | 16:00 | Tom Webster | Modern Times: Passwords |
16:00 | 16:30 | Cake and prizes | |
David Kennedy is the President / CEO of TrustedSec, LLC. David was a Chief Security Officer (CSO) for an international Fortune 1000 company located in over 77 countries with over 18,000 employees. David developed a global security program with a large dedicated team. David is considered a thought leader in the security field and has presented at many conferences worldwide. David has had guest appearances on FoxNews, BBC, and other high-profile media outlets. David is the founder of DerbyCon, a large-scale security conference in Louisville, Kentucky. David also co-authored the book Metasploit: The Penetration Testers Guide (with Devon Kearns, Jim O’Gorman, and Mati Aharoni), which was number one on Amazon.com in security for over 6 months. David was also one of the founding members of the “Penetration Testing Execution Standard (PTES)”. PTES is the industry leading standard and guidelines around how penetration tests should be performed and methodologies.
We always hear about the failures of the security industry and it seems that each talk we go to just plunges us further down into how bad we’re doing with INFOSEC. This talk is a little bit different, it goes into the successes we’ve had and how we need to keep moving forward to protect our corporations and intellectual property. There are also a number of things that we need to change in order to progress and continue to move forward. This talk goes into the successful building blocks of an information security program and things that you can use right now to improve and better what you’re currently doing. With any of my talks, I always keep it fun and interactive, we’ll be showing some of the advanced attacks going on today, and quick wins and simple things to block a number of them without investing in the latest whiz bang piece of technology.
Adrian Crenshaw has worked in the IT industry for the last seventeen years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools. He did the cert chase for awhile (MCSE NT 4, CNE, A+, Network+, i-Net+) but stopped once he had to start paying for the tests himself. He holds a Master of Science in Security Informatics, works for TrustedSec as a Senior Security Consultant and is one of the co-founders of Derbycon.
Gamification can make learning more fun, and some people are inspired and motivated by competition. This talk will be on integrating hobbyist electronics with lock picking games. We will show rough schematics, release code, and invite people to play the games at the con.
Deral Heiland CISSP, GWAPT, serves as a Senior Security Consultant for Rapid7 where he is responsible for security assessments, and consulting for corporations and government agencies. Deral is also founder of Ohio Information Security Forum, a not for profit organization that focuses on information security training and education. Deral is also the creator of the open source tool “Praeda”, a data harvesting tool used to extract critical information from embedded devices. Deral has also presented at numerous national and international security conferences including BlackHat, ShmooCon, Defcon, Derbycon, Hacker Halted, Securitybyte India and Hackcon Norway. Deral has been interviewed by and quoted by several media outlets and publications including Bloomberg UTV, MIT Technical Review, MSNBC, Threatpost and SC Magazine.
In this presentation I will discuss several of the most effective Multifunction printer attack vectors and how they can be leveraged by attackers to compromise critical systems. I will also be discussing the automation of these attack vectors, including the current open source automated data harvesting tool Praeda. We will also discuss the current project to migrate all exploit and data discovery modules into Metasploit, and the planned future development of Praedasploit, for the automation of system fingerprinting and integration into Metasploit.
Tom Webster is an IT grunt, VPN admin, Security Lead, Programmer, and general tech guy at BWI Group. He’s constantly breaking, fixing, and researching things as well as ranting over at SamuraiLink3.com and his Google Plus profile. Tom has a secret love of cooking while wearing Google Glass and can make a damn good pot roast.
The password has been around for a good portion of known human history. We’ve become experts at making bad passwords and forcing others to do the same. What happens when we start taking a modern look at passwords and approach the topic pragmatically?
By day, Jerod (@slandail) is CTO & Principal Security Consultant with Jacadis, an award-winning security solutions and services provider. By night, he’s a husband, father, writer, filmmaker, martial artist, musician, gamer, and social media junkie.
Jerod has over a decade of IT, infosec, and compliance experience. He spent years as an Information Security Specialist with American Electric Power, one of the largest electric utilities in the U.S., before moving to Abercrombie & Fitch, a multibillion dollar international luxury retailer. At A&F, Jerod built out and managed the information security program. His team was tasked with security operations, PCI and SOX compliance, and identity and access management.
At Jacadis, Jerod is responsible for performing security assessments, penetration tests, and security architecture reviews, as well as evaluating security technologies on behalf of Jacadis clients. He applies his hands-on experience in support, management, and budgeting roles to help Jacadis clients identify and implement reasonable and appropriate security controls to meet their security and compliance obligations.
Jerod presents frequently for local and regional information security professional organizations, as well as larger information security conferences. He also teaches information security courses on behalf of MIS Training Institute, both domestically and internationally.
His approach to infosec has two key tenets: you shouldn’t be afraid to void warranties, and you shouldn't need to bypass security to get your work done. http://about.me/slandail
You may have heard Jerod speak on how to defend your mobile apps from attackers. In that presentation, he covered the fundamentals of secure mobile app development, identifying resources you should bake into your mobile app development process to reduce the likelihood of compromise. In this follow-up presentation, he continues that conversation with live demos against iOS and Android apps, in addition to covering vetting requirements for third party application developers and for apps that you plan to install on corporate mobile devices.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Robby Stewart
PCs in your network are infected with malware. AV sucks, IDS sucks, IPS sucks, and FWs let 80 and 443 out to the wild internet. How do you keep from infecting your neighbor? This will be an interactive* discussion about how to not only prevent your network from getting infected but what to do about not letting the infection spread. Come prepared to talk and interact, because I want your advice!
By: Evan Booth
When solving difficult problems that require unorthodox thinking, it’s crucial that you remember APATHY: Acronyms Probably Aren’t That Helpful, Yo. Instead, we’ll dig into the practical side of creative problem solving by reflecting on Terminal Cornucopia — my year of building improvised weapons out of materials and items available in what is touted as one of the most "sanitized" environments designed for everyday citizens: the airport.
This talk will serve as a primer on building lethal improvised melee, projectile, explosive, and incendiary weapons. More importantly, I will share lessons learned about creativity, passion, and human potential during my year with Angus MacGyver. Dust off your leather jacket and roll up those tube socks; we're going to hit the ground running.
Growing up, it was a safe bet that if an object around the house was held together with screws or contained any number of wires, Evan “treefort” Booth took it apart at some point to see what made it tick. In 4th grade, with the help of strategically placed pens, erasers, and a Pop-Tarts wrapper, Evan's pencil box could quickly be converted into a model rocket launchpad. His Liquid Drano purchases to toilets cleaned ratio is absolutely abysmal. This never-ending supply of curiosity eventually translated into a passion for understanding computers and programming.
Having earned a degree in Digital Media — a nerdy union of design fundamentals and computer programming — from East Tennessee State University in Johnson City, Evan founded his company, Recursive Squirrel, where he has served a wide variety of clients in need of application development and consulting for nearly a decade. When he isn't organizing 1's and 0's, Evan is likely off picking locks with the FALE Association of Locksport Enthusiasts, a lock picking group he co-founded in 2010.
In his most recent project, Terminal Cornucopia, Evan set out to demonstrate how difficult it would be for an attacker to construct lethal weapons in a typical airport terminal after the security screening. After successfully building an arsenal consisting of everything from simple melee weapons to reloadable firearms to a remotely-triggered incendiary suitcase, Terminal Cornucopia garnered international media attention and attracted viewers from nearly every country on the planet.
Make no mistake: the best part about buying a bulky item is, in fact, the huge cardboard box.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Tom Webster
A preview of the new design for the Ohio Information Security Forum website.
By: Tom Webster
A short talk on what's changed and what you/your business should be doing with respect to passwords.
Food and drinks served
A brief overview of the Ohio Information Security Forum.
By: Dan Wilkins
While one might think that everything has been locked down, there is one thing that is forgotten - information. With Recon-ng, one can look at public sources of information to better fit an attack to an organization.
Food Served
Introduction
A brief overview of the Ohio Information Security Forum.
Presentation 1: Trusted Platform Module (TPM) 101 - Mohit Arora
The TPM is essentially a passive cryptographic engine available on many modern motherboards. The specification is written by the Trusted Computing Group, consisting of many major software and hardware corporations. In addition, the module provides sealing, binding and remote attestation functionality. Its uses include disk encryption, platform integrity and other encryption enabled software.
Mohit Arora lives in Austin, Texas, and is currently a Director of Engineering at MAFAZO Digital Solutions, a Dayton based cyber security startup! He started his career with Citrix where he played with graphics card driver development. He and his team received a patent for inventing various methods and systems to remote 3D graphics to distributed machines. Mohit also worked at Dell where he worked with Trusted Platform Module (TPM) and Windows/Linux kernel driver development for FIPS approved encryption modules.
Presentation 2: Practical Exploitation Using A Malicious Service Set Identifier (SSID) - Deral Heiland
How easily we overlook a simple wireless SSID and think nothing of it or its potential risk to us. In this presentation I will be discussing the leveraging of SSIDs to inject various attacks into wireless devices and management consoles. The types of injection attacks discussed will include XSS, CSRF, command injection and format string attacks. I will be discussing various malicious SSID restrictions, limitations, and potential attack success dependencies. Using live demonstrations I will show how each of these attack methods is carried out. In conclusion I will be discussing how common this attack vector potentially is, and its overall risk factors.
Deral Heiland CISSP, GWAPT, serves as a Senior Security Consultant for Rapid7 where he is responsible for security assessments, and consulting for corporations and government agencies. Deral is also founder of Ohio Information Security Forum, a not for profit organization that focuses on information security training and education. Deral is also the creator of the open source tool “Praeda”, a data harvesting tool used to extract critical information from embedded devices. Deral has also presented at numerous national and international security conferences including BlackHat, ShmooCon, Defcon, Derbycon, Hacker Halted, Securitybyte India and Hackcon Norway. Deral has been interviewed by and quoted by several media outlets and publications including Bloomberg UTV, MIT Technical Review, MSNBC and Pcworld.