CiNPA - Security SIG
Details
CiNPA Security SIG: 20th Anniversary Meeting!
Topic 1: Cloud Security and Other Assorted Cautionary Tales
Speaker: Matt Scheurer
https://www.linkedin.com/in/mattscheurer/
https://x.com/c3rkah
Abstract:
Whether one views Cloud Computing as something special, or "just someone else's computer", those resources need secured. One harsh reality of the cloud is that the attack surface is different than on-premises resources. Mistakes no longer remain hidden behind the secure perimeter of on-premises environments. In this talk, we'll cover strategies for hunting down such mistakes thus enabling us to reduce the attack surface. We'll also touch on some excellent resources for improving our cloud security skills. The presentation concludes with a whimsical telling of cautionary tales from observed past cloud mistakes from a Rock Star Incident Responder's perspective.
Speaker Bio:
Matt Scheurer is a show host for the ThreatReel Podcast, and Vice President of Computer Security and Incident Response in a large enterprise environment. He has many years of hands-on technical experience. Matt is an official "Hacking is NOT a Crime" Advocate, serves on the Advisory Board for the Warren County Career Center "Information Technology and Cybersecurity" program, and also volunteers as a technical mentor for the Women's Security Alliance (WomSA). He has presented numerous Information Security topics at countless technology meetup groups, and prominent Information Security conferences, including keynotes at the Cybersecurity Collaboration Forum Cincinnati Leadership Exchange, the Information Security Summit in Cleveland, and Queen City Con in Cincinnati. Matt is also a 2019 comSpark "Rising Tech Stars Award" winner and was named a "Top 12 Hacking Influencer" by Bishop Fox in 2023.
Topic 2: Praeda-II
Speaker: Deral Heiland
https://www.linkedin.com/in/deral-heiland-a708661/
https://x.com/Percent_X
Abstract:
Praeda - Latin for "plunder, spoils of war, booty". Praeda-II is a complete rewrite and update of the automated data/information harvesting tool Praeda that was originally released in 2014. Praeda-II is designed to conduct security audits on Multi-function Printer (MFP) environments.
Praeda-II leverages various implementation weaknesses and vulnerabilities found on multi-function printers (MFP) and extracts passwords such as Active directory credentials from MFP configurations including SMTP, LDAP, POP3 and SMB settings. The tool is designed to evaluate the MFP device configurations looking for certain setting that adversely impact the devices security posture. Also, the tools output logs are structured to be able to import into other tools such as Metasploit and to be easily parsed for quick identification of critical findings and reporting purposes.
During the demonstration, we will introduce everyone to the tool's framework structure, and show how new test modules and device fingerprinting can be easily added. We will walk all attendees through the various features and functions of this tool and explain how to effectively leverage it during internal penetrations testing, red team operations and blue team internal environment audits. This walk-through of the tool will include examples, such as testing to gather credentials that can be used to gain access to critical internal systems, address book recovery containing account names and email address, and MFP device misconfiguration impacting an organization security posture.
Speaker Bio:
Deral Heiland CISSP, serves as a Principal Security Researcher (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 15+ years Deral's career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, Blogs, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by multiple media outlets and publications including ABC World News Tonight, Cheddar TV, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Dark Reading, Threat Post and Infosecurity Magazine.
About Us:
The CiNPA Security SIG is the Cincinnati Networking Professionals Association Security Special Interest Group. We meet monthly on the third Thursday of each month, starting at 6:30 p.m.
Please connect with us on Google Groups at https://groups.google.com/g/cinpa-security-sig to stay updated on notices. (This link will explain how to join the group.)