• BSM July 2019

    DigitalOcean

    Thanks to this month's sponsors: Digital Ocean and Github. * Please take a moment to familiarize yourselves with our Code of Conduct and Vendor/Recruiter policies at https://www.meetup.com/The-Boston-Security-Meetup/about/ Bring your ideas and great conversation we will provide the food and beverages. Talk #1 "Using Chrome OS as a Security Practitioner" by Ming Chow. Ming Chow is a Senior Lecturer at the Tufts University Department of Computer Science. His areas of interest are web and mobile security, and Computer Science education. He has served as a mentor to a BSides Las Vegas Proving Ground track speaker since 2014, and is involved in the DEFCON Packet Hacking Village. Talk #2: "Hacker Controversy Questions - a Panel" Boston Security Meetup will be heading up a debate on controversial topics in cyber security. Questions include: Vim or Emacs / Snowden:hero or traitor / blockchain: yay or nay / etc. There will be time for audience questions and participation! Please send us your ideas for future month talks, whether you want to present or just simply interested in hearing about certain topics.

    3
  • BSM June 2019

    DigitalOcean

    Thanks to this month's sponsors: Digital Ocean and Synopsys. * Please take a moment to familiarize yourselves with our Code of Conduct and Vendor/Recruiter policies at https://www.meetup.com/The-Boston-Security-Meetup/about/ Bring your ideas and great conversation we will provide the food and beverages. ################## BEGIN CTF ANNOUNCEMENT ################## This month we will have a CTF that will be run by fine folks from Security Innovation. Seats are limited and you have to sign up through CMD CTRL CTF form here => https://web.securityinnovation.com/boston-meetup-2019 ################### END CTF ANNOUNCEMENT ################### In addition to the CTF we will have our regular talks in the common area. Please be considerate and only register for the CTF if you are going to participate in it. Talk #1 "Scanning your Infrastructure - Going Beyond Prepared Scans" By Corinne S. and Heather C. Description: Modern vulnerability scanners are a cornerstone of security at a company. They also have a place protecting your home networks. But what happens when you need to check your systems for vulnerabilities that fall outside the CVE database? This presentation will focus on how to write custom Nessus plugins so you can leverage your existing scanning infrastructure to scan for vulnerabilities that fall outside of the generally available checks. Talk #2 - TBD Please send us your ideas for future month talks, whether you want to present or just simply interested in hearing about certain topics.

    2
  • BSM May 2019

    DigitalOcean

    Thanks to this month's sponsors: Digital Ocean and Synopsys. * Please take a moment to familiarize yourselves with our Code of Conduct and Vendor/Recruiter policies at https://www.meetup.com/The-Boston-Security-Meetup/about/ Bring your ideas and great conversation we will provide the food and beverages. Evan Jensen will talk about "ELF Aware Backdoors" which he will be presenting at ReCon Montreal. "This deep dive into the ELF file format culminates in a demo of 'linking' new high level code into a third party pre-compiled executable. Unlike Joshua Pitts’ the-backdoor-factory, this new deployment solution allows users to write high level code without needing to bypass application hardening or traditional host based intrusion detection systems. Users can write generic code or application specific backdoors in C or C++. An example application specific backdoor will also be presented on software in a popular Linux repository. The presented 'linking' software has applications not only in covert software deployment but also instrumentation, testing and lulz." Second presentation is titled "Building a Semi Secure Home Network" by Ori & Max. "Come hear about making your home network more secure and/or feature flush while we have some fun with memes. Get ready to make a shopping list(or not) and start planning some upgrades." Please send us your ideas for future month talks, whether you want to present or just simply interested in hearing about certain topics.

    2
  • BSM April 2019

    DigitalOcean

    First Spring meetup of 2019! Thanks to this month's sponsors: Digital Ocean and GitHub. Bring your ideas and great conversation we will provide the food and beverages. Carson Owlett will be presenting "Hiding in Plain Sight". As long as people have been sending messages, they have been finding ways to hide them. With the era of the computer, older methods such as invisible ink and knitting may have been phased out but modern equivalents have sprung up in their place. Join 5C4R48 in a journey through the methods employed by spies in the old days and techniques employed by hackers in the modern world. Jeremy Blackthorne will be talking about "Reverse Engineering with NSA's Ghidra". Ghidra is the NSA's formerly classified software reverse engineering tool. Released to the public at the RSA Conference in March 2019 by NSA Senior Rob Joyce, it is quickly gaining traction in the wider security community. In this talk, we give a brief overview of Ghidra, demonstrate several of its unique features, and show applications to malware analysis and vulnerability research. Ghidra is free, open source, and currently available on GitHub: https://github.com/NationalSecurityAgency/ghidra. It's also written in Java so it will run on most systems. Feel free to download before-hand and follow along during the presentation. Please send us your ideas for future month talks, whether you want to present or just simply interested in hearing about certain topics.

    11
  • BSM March 2019

    DigitalOcean

    This month BSM is partnering with Cloud Security Alliance(CSA) to bring you two excellent talks. Winnona DeSombre will present "Organization of China’s Cyber Capabilities and Hacker Communities" Adam Bosnian will present "A Changing Paradigm: What Happens When You Put Identity at the Center of Security?" Seats are limited, grab yours before they're all gone.

    5
  • BSM February'19

    DigitalOcean

    We took January off which felt like eternity and we're back with a great line up of speakers for the month of February. Craig Chamberlain will present "Let’s Blow Up the SIEM and Start Over" (¹) and Jeremiah Salamon will present "Starting with Deceptive Defense, Leveraging Opensource Honeypots". There will be time to network, chat up with friends, pick some locks, etc. as usual. Food and beverages will be provided. Hope to see you all there. ¹ Figuratively speaking, we don't think he really means that.

    18
  • BSM December

    DigitalOcean

    Hacker Trivia night. We didn't set up any presentations for December. Let's meet, eat, drink and look back at 2018, play some games(*). (*) Cannot confirm nor deny that there may be a super popular conference ticket which may be first place prize. Still working on this. To clarify: Ticket itself is not free, it will be available at face value with the option to buy it for the prize winner. Conference is already sold out.

    4
  • BSM November

    DigitalOcean

    We're excited about the speakers we've lined up and hope everyone walks away having heard something they can use. A few notes of interest; no recording of events without permission and no rudeness allowed. Food and beverages will be provided. Agenda: - Welcome - Socialize, network - Presentation: "Artificial Intelligence and Security: Five Things I’ve Learned" by Sandy Carielli - Presentation: "Making Encryption Suitable for Business" by Randy Battat

    6
  • BSM October

    DigitalOcean

    Demand is high and space is limited! Please only RSVP 'yes' if you're confident you can make it. Make sure to update your RSVP if your plans change so folks in wait list can join in on the fun. We're excited about the speakers we've lined up and hope everyone walks away having heard something they can use. A few notes of interest; no recording of events without permission and no rudeness allowed. Food and beverages will be provided. Agenda: - Welcome - Socialize, network - Presentation: "2FA is not a silver bullet" by Laurent Poulain - Presentation: "ChatOps: The swiss-army chainsaw of automation" by Joseph Henrich

    2
  • BSM September

    DigitalOcean

    Demand is high and space is limited! Please only RSVP 'yes' if you're confident you can make it. Make sure to update your RSVP if your plans change so folks in waitlist can join in on the fun. We're excited about the speakers we've lined up and hope everyone walks away having heard something they can use. A few notes of interest; no recording of events without permission and no rudeness allowed. Agenda: - Welcome - Social (i.e. speak with one another and try to smile) - Presentation: "Making Application Security Part of Your SDLC" by Joshua Dow - Application Security Engineer at ClearCompany - *IMPORTANT* CPU Speculative Attacks presentation has been postponed. We hope to have this presenter join us in an upcoming meetup.

    4