• Hacking Web Sites

    Montgomery College CyberLab

    In this meeting, we will look at web vulnerabilities at each level of the web architecture. There will be a hands-on lab that will cover various tools and techniques used to test for vulnerabilities in Web sites. The URL to attend this meeting on-line is: http://adobechats.adobeconnect.com/capsec2017mar/ Directions: The lab is located on the second floor of the HT building room 230 on the East side of the Montgomery College Germantown campus. Campus Security knows about the meeting and will not be enforcing parking permits, but you must park in Lot 4 which is the one right across from the HT building. By Car: Take I-270 to Exit 15 East (Route 118). Continue to the second traffic light at Observation Drive; turn right onto campus. Lot 4 is on the other side of campus from where you enter. Directions and Map http://cms.montgomerycollege.edu/EDU/Department.aspx?id=91151

    13
  • Capturing Network Traffic and New Meeting Location

    Montgomery College CyberLab

    Trying this again, hopefully with less illness this time. We haven’t had a meeting in a quite some time. For those of you who are unaware, we lost our meeting space in Rockville. Leidos (the artist formerly known as Lockheed Information Systems & Global Solutions) is repurposing the training room we were using. It took me several months to find a new location to hold meetings. The new meeting location is at the Montgomery College CyberLab (http://cms.montgomerycollege.edu/mccyberlab/) in Germantown. This is a state of the art facility that has virtual servers and desktop environments, isolated networks, wireless, and forensic technologies. The facility is excellent for the hands-on cyber security technology meetings we have. The downside is that it will be longer commute for those coming from DC or Virginia. The first meeting is going to be an introduction to the facility and learning about network traffic capture. One of the perks of the facility is that we have access to preconfigured labs that are part of the curriculum at the college in addition to the ability to create our own complex VM environments to run exercises. Everyone will be giving access to the labs which we will discuss at the meeting. Directions: The lab is located on the second floor of the HT building room 230 on the East side of the Montgomery College Germantown campus. Campus Security knows about the meeting and will not be enforcing parking permits, but you must park in Lot 4 which is the one right across from the HT building. By Car: Take I-270 to Exit 15 East (Route 118). Continue to the second traffic light at Observation Drive; turn right onto campus. Lot 4 is on the other side of campus from where you enter. Directions and Map http://cms.montgomerycollege.edu/EDU/Department.aspx?id=91151 The URL to attend the meeting on-line is: http://adobechats.adobeconnect.com/capsec2016dec/

    10
  • Big Data Solutions for Cyber Security

    Lockheed Martin

    The session will cover the evolving cyber threat landscape including the advanced persistent threats, targeted attacks, zero day attacks as well as insider threats and identify common patterns in today’s sophisticated cyber‐attacks. Attendees will learn how the new big data solutions such as Splunk can take structured and unstructured data from multiple disparate sources and are able to correlate and provide real time actionable intelligence to effectively detect, respond, mitigate and prevent the advanced threats and risks. In addition, attendees will walk away with simple reference architectures & clear understanding of Cyber security solutions such as Insider Threat Detection & Mitigation, Endpoint Security, Data Protection, Continuous Monitoring, Data Leakage Prevention & Compliance as well as Layer 7 Application Threat Detection & Mitigation. We will also cover the type of job opportunities in the cyber security space and how to obtain necessary skills to get a solid lucrative career in cybersecurity. Focus OEM Partners: Checkpoint, Splunk, Symantec, Palo Alto Networks, Intel/McAfee, Cisco, Dell, HP, FireEye, Juniper. Dr. Prem Jadhwani will be leading this session. Prem Jadhwani, chief technology officer (CTO), brings 18 years of experience working in the enterprise IT space with both commercial and Federal customers to Government Acquisitions, Inc. (GAI). As CTO, Mr. Jadhwani provides solution vision, strategy, thought leadership, and subject matter expertise around data centers, networking, cyber security, cloud computing, data analytics, and other emerging technologies. Mr. Jadhwani has served as a Commissioner for TechAmerica Cloud and Big Data Commission. He holds an MS in Computer Science from Illinois Institute of Technology, an MBA in Marketing & Strategy from Stuart School of Business in Chicago, and has completed coursework for a Ph.D. in Cyber Security from George Mason University. He also holds 100+ reputable certifications including CISSP, CISM, CISA, CEH, CCNP, VCP, ITIL, GCIH, and GSLC. The URL to attend on-line is: http://adobechats.adobeconnect.com/capsec2016mar/

    14
  • Lightning Talks

    Lockheed Martin

    For this month’s meeting we will have several presenters doing short 15-30 minute talks on a variety of topics: Derick Josey, Vulnerabilities Overview and Solutions Dan Kube, Pen Testing from the Management/Customer Perspective Bertrand Stivalet, Vulnerable Source Code and Prevention Kelly Brown, CyberCash: How cryptocurrencies work Eliezer Lehrhaupt, Cyber Security Pain Points The URL to attend on-line is: http://adobechats.adobeconnect.com/capsec2015dec/

    1
  • Wireless Security Weaknesses and Attack Demonstration

    Wi-Fi is considered to be essential for providing Internet and local network connectivity to laptops and mobile devices at home, on the go, and at work to a large extent. Unfortunately, there are many weaknesses in the use of wireless that can be exploited by attackers without significant effort. During this session, we will walk through and demonstrate attacks against Wi-Fi access points and clients including deauthentication, use of an evil portal, DNS spoofing, and obtaining victim credentials. We will also walk through how the attacks were constructed in the demonstration and discuss other possible wireless security attacks that can be conducted. Speaker Bio: Michael Orticari is a Managing Director with Tungsten Security, LLC. Over the last decade, he has performed and managed cybersecurity services, including enterprise security architecture, security program and policy development, security assessments, and training. Michael has led and performed penetration testing, social engineering, wireless, web application, and a variety of other security assessments. Prior to his current position, he was a Manager at PwC where focused on providing cybersecurity services to civilian and defense public sector government organizations, and Fortune 500 companies. He has Bachelors Degrees in Business Information Technology and Management from Virginia Tech. The URL to attend the meeting on-line is: http://adobechats.adobeconnect.com/capsec2015oct/

    8
  • Web Hacking Tools

    Lockheed Martin

    Most security presentation to developers are a dry rehashing of OWASP Top Ten; do this and don't do that with terse snippets of code. This session aims to be different in that the tools that are available to hackers will be demonstrated to show how a web application is attacked. Using the OWASP Top Ten as a guide, a combination of vulnerabilities will be used to attack a demonstration application. Several tools will be highlighted: sqlmap, BeEF (Browser Exploitation Framework), Metasploit, and just a web browser. Recent events in security and hacking Overview of OWASP 2013 Top Ten Show how attacks are never a single issue, but combination of vulnerabilities See what SQL Injection and password compromise really look like See why XSS is a serious vulnerability The URL to attend the meeting on-line is: http://adobechats.adobeconnect.com/capsec2015sep/

    22
  • Active Information Gathering

    Lockheed Martin

    The largest success factor for cyber attacks is possessing detailed information about the target. In this meeting will discuss basic networking concepts, ping, port scanning, OS finger printing, and intrusion detection systems. Our hands on exercises will focus on using ping, telnet, and nmap to identify information about target systems. The URL to attend this meeting on-line is: http://adobechats.adobeconnect.com/capsec2015aug/

    10
  • Creating a Security Metrics Program

    Lockheed Martin

    Unlike many other aspects of the enterprise, metrics have seldom been applied effectively to information security. Most methods of justification for security projects and expenditure have revolved around appeals to Fear, Uncertainty and Doubt (FUD), or to meet requirements for compliance audits, such as SOX, GLBA or HIPAA. Methods previously attempted for defining security metrics, such as Annualized Loss Expectancy (ALE) and Return on Security Investment (ROSI) have had critical flaws which limited their usefulness in determining risk. In an era of increasingly flat budgets for IT projects, it is critical for the security department to justify continued expenditure to management, and to ensure that security technology, processes, staffing and training are adequately defending the enterprise. This presentation will outline a methodology to allow an organization to create an effective security metrics program for the enterprise, to enable justification of continued security expenditure, identify risk and weaknesses in the current security program, and enable improvement in the risk posture over time. The link to attend this meeting on-line is: http://adobechats.adobeconnect.com/capsec2015may/

    8
  • Passive Information Gathering

    Lockheed Martin

    This month's meeting we will cover passive information gathering. This includes employee identification, wireless access point identification, website and web page analysis, dumpster diving, Google hacking, and domain ownership. The link to attend on-line is: http://adobechats.adobeconnect.com/capsec2015apr/

    16