jtoth – Security B-Sides Orlando 2016 Presented By FC² http://bsidesorlando.org/2016 Bringing Infosec to Central Florida Since 2013 Mon, 03 Oct 2016 13:56:28 +0000

Michael Brown | NIST CSF, 27001, HIPAA, PCI, and others: an overview of frameworks, standards, and regulations for security folks http://bsidesorlando.org/2016/michael-brown-nist-csf-27001-hipaa-pci-and-others-an-overview-of-frameworks-standards-and-regulations-for-security-folks Tue, 01 Mar 2016 20:45:11 +0000 http://bsidesorlando.org/2016/?p=436

Abstract

In recent years the number of regulations, standards, frameworks and the like has increased. While some are aimed at IT overall, many of them include or even focus on IT Security, which has become more important due to recent events. And this is likely to increase. Because of this, security professionals are finding themselves expected to follow, adhere to, and/or enforce these standards. But few have a decent understanding of them. Starting with the Critical Security Controls (formerly known as the SANS Top 20), we’ll take a look at some of the major security frameworks and regulations out there, such as HIPAA, ISO 27001/2, NIST CSF, PCI-DSS, SOX, and others. The aim is to help security professionals understand the basics of these and get them started on learning more about them.

Outline

* Overview
* Standards, frameworks, regulations: what are they?
* Critical Security Controls
* HIPAA
* ISO 27000
* NIST CSF
* PCI-DSS
* GLBA
* SOX
* COBIT & ITIL
* Wrap-up and recommendations for further study

Bio

Michael Brown, CISSP, HCISPP, CISA, CISM, CRISC, has been involved with IT for 20 years, the last ten in IT Security. Moving from a security admin to a global security architect, he has been working for the last few years as an IT security consultant performing security risk assessments, gap analysis, and developing policies and procedures for clients to help them implement an information security management system.

grecs | Malware Analysis Basics http://bsidesorlando.org/2016/grecs-malware-analysis-basics Tue, 01 Mar 2016 20:40:02 +0000 http://bsidesorlando.org/2016/?p=432

Abstract

Knowing how to perform basic malware analysis can go a long way in helping infosec analysts do some fundamental triage to either crush the mundane or recognize when it’s time to pass the more serious samples on to the big boys. This course, based on grecs’ popular Malware Analysis 101 – N00b to Ninja talks, covers several analysis environment options and the three quick steps that allow almost anyone with a general technical background to go from n00b to ninja (;)) in no time. Well … maybe not a “ninja” per se but the closing does address follow-on resources on the cheap for those wanting to dive deeper into the dark world of malware analysis.

Prior to the workshop, students should complete the following in order to get the most out of the class.

* Have a VM solution loaded onto their laptop (e.g., VMware [free, trial, or paid] or VirtualBox [free]).
* Download and load the ModernIE Windows XP with IE8 VM into the VM solution. https://dev.windows.com/en-us/microsoft-edge/tools/vms/windows/

Saturday March 12th 01:30PM – 04:30PM

Bio

grecs has two decades of industry experience and undergraduate/graduate engineering degrees. After doing the IT grind, he discovered his love of infosec and has been pursuing it since. Currently, he spends his days as a senior cyber analyst enhancing customer defenses through advanced analysis, customized training, and engineering improvements. In his free time grecs is an international speaker and blogger covering a range of defensive topics.

Diego Fuentes and Dan Markels | Technical Resume/Profile Editing Workshop http://bsidesorlando.org/2016/diego-fuentes-and-dan-markels-technical-resumeprofile-editing-workshop Tue, 01 Mar 2016 20:33:56 +0000 http://bsidesorlando.org/2016/?p=428

Abstract

10 seconds is all the time a Recruiter or Hiring manager is going to give your resume in deciding to keep it or pass on it. A resume tells a great deal about you, creates a first lasting impression and gets you the interview.

Join our resume writing and social media profile editing workshop to learn how to best tailor your information to pursue the job that you want. Experienced recruiters review 40-50 resumes and LinkedIn profiles a day. Our tips will help you stand out above candidates competing for the best jobs out there.

At the end we can have a Q&A session to answer any questions about the workshop or the IT market and relevant trends in the US in general.

Please bring a hard copy of your resume to the workshop, send a soft copy to dfuentes@teksystems.com or a connection request to https://www.linkedin.com/in/diego-fuentes-59ab0b12.

10:00AM – 10:30AM

Bio

As Technical Recruiters for TEKsystems, we are responsible for building consultant relationships, understanding the local employment market in Central Florida and consulting with Technical Candidates to help them advance their long-term careers.

Beau Bullock | Fade from Whitehat… to Black http://bsidesorlando.org/2016/beau-bullock-fade-from-whitehat-to-black Wed, 17 Feb 2016 17:32:29 +0000 http://bsidesorlando.org/2016/?p=368


Abstract

When your job is to act as a malicious attacker on a daily basis for the good of helping organizations, you can’t help but wonder “What if I decided to embrace the evil within?” What if one day I woke up evil? Every day as a pentester, I compromise organizations through a variety of ways. If I were to wake up one day and decide to completely throw my ethics out the window, how profitable could I be, and could I avoid getting caught?

In this talk I will walk through a detailed methodology about how I personally would go about exploiting organizations for fun and profit, this time not under the “white hat.” Non-attribution, target acquisition, exploitation, and profitization will be the focal points. Blue teamers will get a peek into the mindset of a dedicated attacker. Red teamers will learn a few new techniques for their attack methodologies.

Bio

Beau Bullock is a Senior Security Analyst at Black Hills Information Security. Prior to joining BHIS, Beau’s primary role has been implementing security controls to protect information and network assets. He has held information security positions in the financial and health industries. Beau has experience with all aspects of enterprise network security including penetration testing, vulnerability analysis, data loss prevention, wireless security, firewall management, and employee security training. In his spare time, he hosts the Hack Naked TV information security webcast and presents at conferences.

Beau holds a B.S. in Information Technology and has also obtained multiple industry certifications including OSCP, OSWP, GCIH, GCFA, GSEC, GPEN, GXPN. Beau is @dafthack on Twitter.

Adam Losey | Data Privacy: Legal Alphabet Soup http://bsidesorlando.org/2016/adam-losey-data-privacy-legal-alphabet-soup Fri, 12 Feb 2016 17:00:40 +0000 http://bsidesorlando.org/2016/?p=351

Abstract

CFAA, CAN-SPAM, HIPAA, and CADRA are just a few of the many alphabet-soup acronyms that make up the legal rubric in the United States that governs information security, privacy, and technological issues. Information security professionals need to understand the patchwork of laws in the United States (and Florida in particular) to be truly effective in their endeavors. New state laws appear every day with different standards for what data is considered sensitive and how an organization is dealt with if they disclose protected information. What laws should you be aware of when engaging your organization about risk and data disclosure? This talk will focus on the CFAA, the Computer Fraud and Abuse Act, as well as CADRA, Florida’s Computer Abuse and Data Recovery Act. Adam Losey, an internationally recognized attorney working in Central Florida, will discuss information security and privacy law, what it means to information security professionals, and how to approach data privacy laws. The talk will include 20-30 minutes of round table style discussion allowing the audience to ask questions regarding matters of law and data privacy.

Bio

Adam Losey is an internationally recognized attorney, author, and educator in the field of technology law. He represents a number of Fortune 100 companies in high-stakes complex litigations across the country involving challenging issues at the intersection of law and technology. In addition to his litigation practice, Mr. Losey routinely advises clients large and small on a variety of sophisticated information security, incident response, privacy, electronic discovery, and data management matters. Inside and out of the courtroom, he efficiently and creatively solves problems for clients in a variety of situations.

Dodi Glenn | History of Ransomware http://bsidesorlando.org/2016/dodi-glenn-history-of-ransomware Fri, 12 Feb 2016 16:49:13 +0000 http://bsidesorlando.org/2016/?p=346

Abstract

A recent study titled “Battling the Big Hack” by IT professional network Spiceworks found that 80% of organizations experienced an IT security incident in 2015, with 53% of respondents having a concern for ransomware in 2016. But how did we get here? And how can we avoid these growing attacks in the coming year and beyond? In general, all ransomware pretty much works the same in that it tries to extort money from a user, but each variation of it does something slightly different. This presentation will discuss the history of ransomware – from the first known ransomware, which hit the scene back in 1989 (the “AIDS” or “PC Cyborg” Trojan), to Gpcode (RSA encryption schemes), CryptoLocker (Bitcoin transactions), and Cryptowall (targeting Windows), with many others in between. We’ll close out the discussion with 2016 ransomware predictions, as well as how users can mitigate these attacks in the future.

Bio

Dodi is VP of CyberSecurity for PC Pitstop with 10+ years’ experience in the cyber security industry, specializing in security risk assessment, programming, firewalls, malware/targeted attacks, antivirus, & more. Previously, he led several initiatives in malware research, software development, software testing, and product management for ThreatTrack Security, Sunbelt Software, & GFI Software.

grecs | Network Forensics 101: N00b to Ninja 60 Minutes http://bsidesorlando.org/2016/grecs Fri, 12 Feb 2016 16:46:17 +0000 http://bsidesorlando.org/2016/?p=339

Abstract

Knowing how to perform basic network forensics can go a long way in helping infosec analysts do some fundamental analysis to either crush the mundane or recognize when it’s time to pass the more serious attacks on to the big boys. This presentation covers environment options for making your network monitor-able, three quick steps to triage and analyze alerts, and integrated distros that allow almost anyone with a general technical background to go from n00b to ninja (;)) in no time. Well … maybe not a “ninja” per se but the closing does address follow-on resources on the cheap for those wanting to dive deeper into the dark world of network forensics.

Bio

grecs has two decades of industry experience and undergraduate/graduate engineering degrees. After doing the IT grind, he discovered his love of infosec and has been pursuing it since. Currently, he spends his days as a senior cyber analyst enhancing customer defenses through advanced analysis, customized training, and engineering improvements. In his free time grecs is an international speaker and blogger covering a range of defensive topics.

David Switzer | Wifi Tracking: Collecting the (probe) Breadcrumbs http://bsidesorlando.org/2016/david-switzer-wifi-tracking-collecting-the-probe-breadcrumbs Fri, 12 Feb 2016 16:43:26 +0000 http://bsidesorlando.org/2016/?p=336

Abstract

Wifi probes have provided giggles via Karma and Wifi Pineapples for years, but is there more fun to be had?  Like going from sitting next to someone on a bus, to knowing where they live and hang out?  Why try to MITM someone’s wireless device in an enterprise environment where they may notice — when getting them at their favorite burger joint is much easier.
 
In this talk we will review ways of collecting and analyzing probes. We’ll use the resulting data to figure out where people live, their daily habits, and discuss uses (some nice, some not so nice) for this information. We’ll also discuss how to make yourself a little less easy to track using these methods. Stingrays are price prohibitive, but for just tracking people’s movements... this is cheap and easy.

Bio

David Switzer has been through the train industry, the cable industry, and even the ISP industry (technically twice) in his 20 years of being in technology. He works for a security firm in Tampa, Florida where he is paid to do mean things to companies, only because they ask nicely.  Infosec interests include doing mean things with RF signals, metadata mashing, looking for “oopsies” in firmware, and talking about himself in the third person.  Who doesn’t enjoy that last one, really?

 

Emori Medeiros | Resume Building for Security Professionals http://bsidesorlando.org/2016/emori-medeiros-resume-building-for-security-professionals Fri, 12 Feb 2016 16:40:21 +0000 http://bsidesorlando.org/2016/?p=331

Abstract

Do you ever feel like your resume is holding you back? I can help you translate your work experience to paper and help you land that dream InfoSec job. From the basics of resume no no’s to highlighting your security skills. Please bring a copy of your resume!

Bio

Emori Medeiros has been on both sides of the recruiting world. She was an internal recruiter for a tech company in San Francisco and now she is a technical recruiter at BlueWave. Her experience has taught her the ins and outs of perfecting resumes so that YOUR resume is the one that stands out. BlueWave is a Technology Boutique Firm that specializes in Information Security and Software Development Recruiting.

Artsiom Holub | Deconstructing The Cyber Kill Chain of Angler Exploit Kit http://bsidesorlando.org/2016/artsiom-holub-deconstructing-the-cyber-kill-chain-of-angler-exploit-kit Fri, 12 Feb 2016 16:10:28 +0000 http://bsidesorlando.org/2016/?p=329

Abstract

Over the past few years exploit kits have been widely adopted by criminals looking to infect users with malware. The exploit kit then proceeds to exploit security holes, known as vulnerabilities, in order to infect the user with malware. The entire process can occur completely invisibly, requiring no user action. In my research I try to deconstruct the cyber kill chain involving one of the most notorious exploit kits used by cybercriminals – a kit known as Angler exploit kit. This talk will cover the evolution of AEK, its role in raising the ransomware threat, tricks used to send user web traffic to Angler landing pages, and methods to deliver payloads. It will also cover procedures that allowed us at OpenDNS to proactively discover and block landing pages and mitigate the risk of infections delivered by AEK, as well as the preventative measures that end-users and systems administrators can take to mitigate their risks.

Bio

I am a current security analyst and a penetration tester in the past.
