Meeting Agenda - September 9th, 2021

9th September 2021

Registration

The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).

Registration Link

(You're still welcome to register at the door.)

When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.

6:30pm (In-Person):
Food and drinks served, doors open.

6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.

7:00pm (Both)

Introduction

A brief overview of the Ohio Information Security Forum.

Demo of REMnux (free VM created by SANS for malware analysis)

By: John Carls

Meeting Agenda - August 12th, 2021

12th August 2021

Registration

The monthly meeting will be held both in-person and online via Google Meet.
Pre-registration via Eventbrite is encouraged to help plan for food and drink (as well as for keeping within capacity limitations).

Registration Link

(You're still welcome to register at the door.)

When you register for the conference, you will be asked if you would like a CPE certificate to support certification requirements.

6:30pm (In-Person):
Food and drinks served, doors open.

6:50pm (Online via Google Meet):
On-line part of meeting opens for participants to join.

7:00pm (Both)

Introduction

A brief overview of the Ohio Information Security Forum.

Recap of SANS Digital Forensics and Incident Response (DFIR) 2021 Conference

By: John Carls

Reviewing this summer's critical Microsoft vulnerabilities

By: Jason Kinder

Anniversary Conference - July 10th, 2021

10th July 2021

About:

It is that time of the year again. Our annual conference is coming up on July 10th. The OISF Annual Conference will be held both in-person and virtually this year. We will be hosting it at Miami Valley Research Park, 1900 Founders Dr, Kettering, OH, the same venue we have used in the past. The conference will start at 9:00 AM and end at approximately 4:30 PM.

There will also be a virtual option to attend this year's conference via Google Meet for those who are unable to attend in person. The Google Meet link will be provided once registration closes on 7/8/21 at 5 PM EST.

We are seeking tax-deductible donations to our Non-Profit 501(c)(3) Learning Charity so that our organization can share knowledge and conduct training for local Dayton Cybersecurity Professionals. You can also make contributions through Amazon Smile by selecting Ohio Information Security Forum as your charity organization.

Registration:

Registration Link

Agenda for the 15th Anniversary Conference:

Time | Speaker (Location) | Event
0800 - 0900 | - | Doors open (Registration / Breakfast)
0900 - 0915 | OISF President (On Stage) | Opening Remarks
0915 - 1015 | Phillip Wylie (Virtual) | Inside the Mind of a Threat Actor: Beyond Pentesting
1015 - 1115 | Micah Brown (On Stage) | I Got 99 Problems but a WAF ain’t one
1115 - 1130 | - | Break
1130 - 1230 | Penelope Rozhkova (On Stage) | Code Hedgehogs - Changing the "S" in SDLC to Secure
1230 - 1300 | - | Lunch - Pizza
1300 - 1400 | Deral Heiland (On Stage) | A Look at Cellular Services in IoT technology
1400 - 1500 | Edmund Brumaghin (Virtual) | Chats, Cheats, and Cracks: Abuse of Collaboration Platforms in Malware Campaigns
1500 - 1515 | - | Break - Cake Cutting Ceremony
1515 - 1615 | Matt Scheurer (On Stage) | Lend me your IR's!
1615 - 1630 | OISF President (On Stage) | Closing Remarks

Abstracts/Bios:

Phillip Wylie, Inside the Mind of a Threat Actor: Beyond Pentesting

Abstract:

Red team is a commonly misunderstood offensive security discipline. Red team has been used as a general term for all areas of offensive security just as blue team for defensive security. True red teaming goes Beyond Pentesting and into more adversarial emulation. While there are overlapping skills, there are differences that will be discussed as Phillip shares his experience of going from a pentester to a red teamer. In this talk, you will learn about the different areas that make up red team operations, common tools, and the path to becoming a red teamer. In this presentation, you will learn about resources helpful for a path into red teaming.

Bio:

Phillip Wylie is a Senior Cloud Penetration Tester in the banking industry, Adjunct Instructor at Dallas College, and The Pwn School Project founder. Phillip has over 23 years of experience, with the last 9 years spent as a pentester. His passion for mentoring and education motivated him to start teaching and to found The Pwn School Project, a monthly educational meetup focusing on cybersecurity and ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Dallas College in Dallas, TX. Phillip is the concept creator and co-author of "The Pentester Blueprint: Starting a Career as an Ethical Hacker". He is the host of "The Hacker Maker" podcast.

Micah K. Brown, I Got 99 Problems but a WAF ain’t one

Abstract:

Deploying a Web Application Firewall (WAF) is the hardest IT Security project I ever completed. It requires implicit trust and support between IT Security and App Dev. A WAF project demands networking, traditional IT Architecture, Cloud Architecture, and App Development skills. Join me as I discuss the challenges, the ‘short cuts’, and the tips and tricks I learned as I deployed over 30 WAFs in under 3 months.

Bio:

Micah K Brown is a member of the IT Security Engineering team at American Modern Insurance, part of the Munich RE Group. Over the past four years he has served as the lead Engineer on the DLP implementation for Data Loss Prevention for the Munich RE organizations located in North and South America. In this role Micah has learned the many intricacies of what works in a successful DLP project. In his free time, Micah serves on the Greater Cincinnati ISSA Chapter as Vice President. Micah graduated from the University of Cincinnati and holds an active CISSP.

Penelope Rozhkova, Code Hedgehogs - Changing the "S" in SDLC to Secure

Abstract:

Secure Software Development is a shift-left effort aiming to identify security vulnerabilities early on in the development lifecycle. The take-aways for this talk will be ideas on how to engage developers in shifting the security posture of their organizations through secure coding with a simple analogy, concrete steps at each phase of the SDLC, and fun ways to learn how to do it. We will begin with a quick review on how to integrate secure coding at each step of the Software Development Life Cycle. Next we will discuss the top application vulnerabilities and mitigation techniques to defend against known attacks. Then we will also discuss the three approaches to threat modeling. Finally we will wrap things up with recommendations on how to try your hand on the other side through gamified Red Team challenges where coding skills give you a decided advantage.

Bio:

Penelope Rozhkova is an experienced CyberSecurity Professional and an avid learner passionate about all things cyber. She has two Bachelor's and a Master's in other fields, and now a degree in Cyber Security & Information Assurance. She is active in the Black Hills Information Security community where she has been appointed to their "Friends of BHIS" designation, lovingly known as the Nerd Herders. You might even stumble upon cameo appearances on their newscast or Back Doors & Breaches demos found on YouTube or Twitch. An educator at heart, she is excited to share her expertise with audiences whenever given the opportunity. Penelope has CompTIA Security+ and CySA+ certifications and most recently was an adjunct instructor at Northern Kentucky University's NSA/NSF GenCyber Camp.

Deral Heiland, A Look at Cellular Services in IoT technology

Abstract:

With the substantial growth of Internet of Things (IoT) technology continuing, from Industrial, Enterprise, Medical, Consumer to Transportation IoT, there has been an expanding need to connect these devices no matter where they may be located. To solve this problem, we have cellular technology to the rescue. During this presentation we will be discussing various types of cellular service most often seen in use by IoT technology. We will be reviewing potential security risk and impact, along with an examination of the various vendors and products at the component level that are available. Also, I will be discussing various methods and concepts on how to approach evaluating the security of devices leveraging cellular technology.

Bio:

Deral Heiland, CISSP, serves as a Principal Security Researcher (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 15+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, blogs, and security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack in Paris. Deral has been interviewed by and quoted by multiple media outlets and publications including ABC World News Tonight, Cheddar TV, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.

Edmund Brumaghin, Chats, Cheats, and Cracks: Abuse of Collaboration Platforms in Malware Campaigns

Abstract:

The COVID-19 pandemic has led to significant changes in how many organizations conduct business. The widespread adoption of remote working arrangements has caused many organizations to increasingly rely on collaboration platforms like Discord and Slack to enable employees to communicate more effectively. Attackers have recognized this and have begun leveraging these platforms for nefarious purposes as well. This presentation will discuss how attackers are using collaboration platforms throughout various stages of their malware attacks and what organizations can do to defend against these attack techniques.

Bio:

Edmund Brumaghin is a threat researcher with Cisco Talos. He has spent the past several years protecting environments across a number of different industries including nuclear energy, financial services, etc. He currently spends his days hunting malware and analyzing various threats as they emerge and continue to evolve. In his time with Talos he has researched ransomware and other threats being distributed using various attack vectors. He has also worked to expose large scale malware campaigns and raise awareness of security threats observed across the threat landscape.

Matt Scheurer, Lend me your IR's!

Abstract:

Have you ever felt compelled to tip your cap to a malicious threat actor? Protecting systems and networks as a tech defender means withstanding a constant barrage of unsophisticated attacks from automated tools, botnets, crawlers, exploit kits, phish kits, and script kiddies; oh my! Once in a while, we encounter attacks worthy of style points for creativity or new twists on old attack techniques. This talk features live demo reenactments from some advanced attacks investigated by the presenter. The live demos showcase technical deep dives of the underpinnings from both the attacker and investigator sides of these attacks. Attendee key takeaways are strategies, freely available tools, and techniques helpful during incident response investigations.

Bio:

Matt Scheurer works on a Computer Security Incident Response Team (CSIRT) performing Digital Forensics and Incident Response (DFIR), and is a show host for the ThreatReel Podcast. Matt has more than twenty years of combined professional experience in Information Technology and Information Security. He is the Security Director for the Cincinnati Networking Professionals Association (CiNPA). He is a "Hacking is NOT a Crime" Advocate, volunteers as a technical mentor for the Women's Security Alliance (WomSA), and is a 2019 comSpark “Rising Tech Stars Award” winner. Matt has presented on numerous Information Security topics at many technology meetup groups and prominent Information Security conferences across the country.

Meeting Agenda - June 10th, 2021

10th June 2021

Meeting Details

Please join the Ohio Information Security Forum for an in-person or virtual meeting (a simulcast of the in-person meeting).

Attending virtually:

When:
7:00PM via Google Meet

Meeting Link:
https://meet.google.com/vib-qmje-bkv

Meeting Phone Number:
+1 417-344-8736 (PIN: 186666675)

Attending in person:

When:
The meeting is at 7:00PM with a social period from 6:30PM-7:00PM.
Pizza and refreshments will be served.

Where:
Ashford Center, 4141 Colonel Glenn Hwy, Beavercreek, OH 45431 (Suite 202B, Conference Room on 2nd Floor)

COVID-19 Safety Measures:
We will be following the Ohio Department of Health's guidelines, under which masks will be required unless you are fully vaccinated. An honor system is in place; we will not be asking your status.

Agenda

7:00PM

Introduction

A brief overview of the Ohio Information Security Forum.

Out of the Trash - Into Your Network

By: Deral Heiland

Abstract:

During this presentation we will be discussing the risk and impact related to the improper disposal of embedded technology devices. I will be covering how malicious actors can scrape critical data from these devices, which could then lead to compromise of your personal or business networks. During this presentation we hope to have an open and free flow of ideas focusing on the risk, how it's done, and how do we potentially avoid these issues.

Bio:

Deral Heiland, CISSP, serves as a Principal Security Researcher (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 15+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, blogs, and security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by multiple media outlets and publications including ABC World News Tonight, Cheddar TV, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.