10.15.18 Blog

It was an exciting weekend for DC919 and other local cyber security enthusiasts alike.

On Friday and Saturday night we crammed ourselves into Basement Con ’18 where we worked hard to help prepare for the upcoming BSides RDU. It was great to see everyone working this weekend towards making our security community even more awesome.

That event is happening this Friday, October 19th, at the Carolina Theatre in Durham, NC. For more information, check out https://bsidesrdu.org/. Registration is free, and it will surely be a great time.

 

We extended our enthusiasm for security into Sunday at the DC919 Digital Forensics and Incident Response class. The presenter was Michael Solomon, who did a fantastic job leading the group’s largest meetup to date. For this presentation, the prerequisites included making sure you had two virtual machines packed with the tools necessary to work through the objectives. One virtual machine had SIFT Workstation, which is a “group of free open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings” according to the SANS website that hosts the download. The other virtual machine was to be Windows 7 or higher and would need several items installed on it, including FTK Imager, AutoRuns, EDD, PE Studio, and more.

The 3 main topics intended to be covered were Host based Forensic Acquisition, Malware Persistence and Timeline Analysis. Due to time constraints we were only able to cover the first two, but Michael did a great job of making the slides available so we could continue, and of offering his time to those who wished to continue or had further questions. We covered a lot of topics in this class, including chain of custody, avoiding evidence corruption, file system layers, Windows timestamps, evidence acquisition, encryption, the registry, malware traits, persistent locations, and how to use the tools.

After going through the foundational concepts, we progressed to the hands-on portion of the presentation, and I must say, it was thrilling! After exploring and using the tools, we ultimately were able to analyze a malware sample using AutoRuns and PE Studio. This was awesome!

As normal, we extended into social hour at the local ‘dive’, Bralie’s, where we spent more time socializing and discussing current events in security and around our community.

 

There are several cyber security events happening soon that some of the DC919 members will be involved with. As noted earlier in this article, BSides RDU is coming up THIS Friday at the Carolina Theatre. It’s free to register, so we hope to see you there. https://bsidesrdu.org/

On Friday October 26th, the Raleigh ISSA is holding Triangle InfoSeCon. DC919 will have a booth there so make sure to stop by and see us! https://www.triangleinfosecon.com

Also, ntropy-unc is still hosting meetings on Mondays at UNC between 8 and 9pm. For more information check out their website https://ntropy-unc.github.io/

Finally, the next DC919 meeting is also going to be awesome! Our lovely Ms. Mouse will be presenting a Capture the Flag instructional demonstration on November 11th. Feel free to RSVP on the meetup page. See ya there! https://www.meetup.com/DefCon919/events/254887427/

 

November 11 – Capture The Flag

Def Con 919 Presents – November Meeting – Capture The Flag

Capture The Flag (CTF)

Sunday, Nov 11, 2018, 4:00 PM

10 Ethical Hackers Attending


ALL levels of experience, skill, and interest are welcome and encouraged to join us. You do not have to be a “hacker” to attend.

MsMouse sets up a CTF environment and steps us through the basics of how to play a CTF. Additional details and laptop setup recommendations to be posted later.

When:
Sunday, November 11, 4 PM

Agenda:

• 4 PM Capture the Flag Introduction at Wake County Library
• 6 PM Open Discussion at Local Bar

Where:

August 2018 – Def Con 26

DEF CON 26

Thursday, Aug 9, 2018, 8:00 AM

9 Members Attending


This is just announcing Def Con 26 in Las Vegas. Join Def Con 919 where it all began.

When:
Thursday, August 9, 2018, 8:00 AM to Sunday, August 12, 2018, 8:00 PM

September 2018 – Post Def Con 26 Badge Life

Def Con 919 Presents – Post Def Con 26 Badge Life

DefCon919

Durham, NC
337 Members

The DEF CON Groups were spawned from the annual DEF CON security conference in Las Vegas. The DEF CON Groups (DCGs or DC-Groups) are a gathering point for folks interested in …

When:
Sunday, Sept 9, 4 PM

Agenda:

• 4 PM Post Def Con 26 Badge Life at Durham County Library – South Regional Library 4505 S Alston Ave, Durham, NC 27713
• 6 PM Open Discussion at Bralie’s Sports Bar 1725 Carpenter Fletcher Rd, Durham, NC 27713

Where:

October 14 – Digital Forensics Incident Response

Def Con 919 Presents – October Meeting – Forensic Intro

Forensic Introduction

Sunday, Oct 14, 2018, 2:00 PM

1 Members Attending


ALL levels of experience, skill, and interest are welcome and encouraged to join us. You do not have to be a “hacker” to attend.

Further details will be provided later. There will be an image to download prior to the meeting that will be used to step through a forensic investigation.

When:
Sunday, October 14, 2 PM

Agenda:

• 2 PM Forensic Introduction at Durham County Library – South Regional Library 4505 S Alston Ave, Durham, NC 27713
• 6 PM Open Discussion at Bralie’s Sports Bar 1725 Carpenter Fletcher Rd, Durham, NC 27713

Where:

October 19 – BSides RDU

BSides RDU

Friday, Oct 19, 2018, 9:00 AM

2 Ethical Hackers Attending

Def Con 919 will be community sponsoring this event, but it’s not an official Def Con 919 event. Be sure to register and buy your ticket when they become available.

More details at:
https://bsidesrdu.org/

Security BSides is a community-driven framework for building events for and by cyber security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.

Security is top of mind across the entire sphere of IT and the world beyond. Therefore, more people and organizations are interested in the next new thing in security. BSides is the place where these people come to collaborate, learn and share.

With many tech companies, colleges and universities in Raleigh, Durham, Chapel Hill and surrounding areas, the region is also an international center of innovation in the security industry.

When:
Friday, October 19

Where:

July 2018 – Def Con 26 Prep and Lightning Talks

Def Con 919 Presents –

Def Con 26 Prep and Lightning Talks

Sunday, Jul 8, 2018, 4:00 PM

34 Members Went

When:
Sunday, July 8, 4 PM

Agenda:
Def Con 26 Prep and Lightning Talks. Bring your tips and tricks for Def Con. Or come talk about a project you’re working on.

• 4 PM Def Con 26 Prep and Lightning Talks at Durham County Library – South Regional Library 4505 S Alston Ave, Durham, NC 27713
• 6 PM Open Discussion at Bralie’s Sports Bar 1725 Carpenter Fletcher Rd, Durham, NC 27713

Where:

April 2018 – Carolina Con 14

Def Con 919 Informs you of Carolina Con 14

Carolina Con 14

Friday, Apr 13, 2018, 5:00 PM

34 Members Attending

Not hosted or sponsored by Def Con 919/DC919…but there will be swag and our members do help out a lot. Meet with other members and members of DC910 and DC828.
DC919’s Bace16 will be speaking on Saturday at 11 AM on phishing and social engineering.

Full info: https://www.carolinacon.org/
$40 cash only at the door.

When:
Friday, April 13, 5 PM – Sunday, April 15, 5 PM

Where:

March 2018 – Intro to Hardware

Upcoming Defcon919 Meeting

March Meeting – Intro to Hardware

Sunday, Mar 11, 2018, 2:00 PM

17 Members Went


DC919 Meeting Slides
Intro To Hardware Slides

ALL levels of experience, skill, and interest are welcome and encouraged to join us. You do not have to be a “hacker” to attend.

This will be a special session starting earlier at 2:00. We’ll take some time for setup and plan to start working by 2:30 PM.
We’ll be assembling a USBtinyISP AVR Programmer Kit (USB SpokePOV Dongle) – v2.0
You need to purchase the kit we will be building: https://www.adafruit.com/product/46

You will need to bring your own soldering kit. These are good tools to have if you want to do any hardware hacking. https://learn.adafruit.com/usbtinyisp/overview is a great guide.
• Soldering iron
• Diagonal cutters
• Stand and sponge
• Solder
• Vice

Agenda:
• 2 PM Hardware Instruction and hands on lab at Durham Co. Southwest Regional Library 3605 Shannon Road, Durham, NC
• 6 PM Open Discussion at Carolina Ale House 3911 Durham-Chapel Hill Blvd, Durham, NC 27707

When:

Sun, March 11, 2pm – 6pm

Where:

Durham Co. Southwest Regional Library
3605 Shannon Road, Durham, NC

May 2018 – OSINT

Defcon919 OSINT Meeting

OSINT Open-Source INTelligence

Sunday, May 13, 2018, 4:00 PM

16 Members Attending

ALL levels of experience, skill, and interest are welcome and encouraged to join us. You do not have to be a “hacker” to attend.

OSINT Open-Source INTelligence is data collected from publicly available sources to be used in an intelligence context. In the intelligence community, the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources).
Learn techniques to discover what info is really out there on people and what steps you can take to prevent too much information about yourself from being available.

Agenda:
• OSINT discussion and demo
• How to remove yourself from common OSINT websites
• 6+ Open discussion and drinks at a local bar

When:
Sun, May 13

Agenda:
• 4 PM OSINT presentation at Durham County Library – South Regional Library 4505 S Alston Ave, Durham, NC 27713
• 6 PM Open Discussion at Bralie’s Sports Bar 1725 Carpenter Fletcher Rd, Durham, NC 27713

Where: