September, 2017 Chapter Meeting

Our May chapter meeting is on Wednesday, September 6th, 2017 at 5:45PM. Please RSVP if you plan on attending!

Defending Against Pass-The-Hash

Abstract: Sure everyone in IT knows about ransomware, DDOS, and various sorts of malware. However many IT folks either don’t know or don’t know how to defend themselves against a flaw that affects all Microsoft Operating Systems. I’m talking about Pass-The-Hash. Pass-The-Hash has existed from the very beginning, and is a powerful technique that attackers can use to move laterally, and escalate privilege in your Windows Environment. We’ll be discussing why it’s possible, what are the business risks involved, and mitigation techniques.

Speaker Biography: Mikhail Burshteyn is a Security Consultant for CDW, performing penetration tests for various types of customers and industries. He has a passion for security, breaking things, and showing people the risks that can be involved with different technologies. He is a former graduate of Central Michigan University, and holds a number of certifications including CISSP and CCNA.

Schedule

5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

2017 Summer Break

Hi all — we’re on break until September 6, 2017. We’re actively soliciting ideas for next year’s meetings, so please reach out to us if you’d like to be a part of the chapter.

Thanks and have a great summer.

Sincerely,
Board of Directors

May, 2017 Chapter Meeting

Our May chapter meeting is on Wednesday, May 3rd, 2017 at 5:45PM. Please RSVP if you plan on attending!

Embedding Security in Embedded systems

Abstract: If security were easy, we’d have solved it 20 years ago. Unfortunately for complex systems, we need all-hands- on-deck: developer training, correct implementation, proper deployment and monitoring, secure updates, and response planning. Come be encouraged by Dr. DeMott to apply security best practices to the embedded specific domains.

Speaker Biography: Dr. Jared DeMott is former NSA and Microsoft BlueHat Prize winner. He’s frequently quoted in media, and invited to speak. He’s the founder of Vulnerability Discovery & Analysis (VDA) Labs. You’ll find fingerprints of VDA across the InfoSec community: fuzzing, code auditing, exploitation, incident response, malware analysis, pentests, threat intelligence, and security training. When DeMott isn’t leading a project, or bypassing a security control, he’s enjoying time with his family outdoors.

Schedule

5:45-6:00PM Networking, dinner
6:00-7:15PM Presentation
7:15-7:45PM Q&A

Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

April, 2017 Chapter Meeting

Our April chapter meeting is on Wednesday, April 5th, 2017 at 5:45PM. Please RSVP if you plan on attending!

Current threats presented by Michigan State Police Cyber Command Center

Abstract: Michigan State Police representatives will be discussing current cyber threats trends and the services that the Michigan Cyber Command Center and FBI can offer during and after an incident occurs.

Speaker Biography: D/Sgt Dan Cook has been employed with the Michigan State Police for the past 17 years. His career has involved a multitude of investigative topics. His current position is within the Michigan State Police, Michigan Cyber Command Center (MC3) and is assigned to the FBI Cyber Task Force. His investigations cover both state and national cyber related threats/criminal activity.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map

March, 2017 Chapter Meeting

Our March chapter meeting is on Wednesday, March 1st, 2017 at 5:45PM. Please RSVP if you plan on attending!

Bug bounties – Don’t hate the player, hate the game

Abstract: Recent attacks provide insight on cyber assaults which require immense planning and fortitude. While some assaults took advantage of opportunistic findings, many did not. Companies are constantly striving to improve their security posture, but no system is vulnerability free and external scrutiny is a bonus. It is increasingly more difficult to find some of those most critical types of security vulnerabilities. Better testing is needed. To attract attention for the special kind of testing needed, a bug bounty program will go a long way. Security researchers, hackers, and enthusiasts from all over the world participate for the benefit of all parties. However, cracking bug bounties is harder than it looks. John Menerick shows how certain methodologies can affect institutions, researchers, and might even have an impact on our chances for success.

Speaker Biography:

John Menerick’s interests include cracking clouds, modeling complex systems, developing massive software-defined infrastructures, automating deceptive incident responses, designing zero trust security architectures, and is the outlier in your risk model. While John is the founding security team member of many successful institutions, currently, John is Lake Michigan Credit Union’s CISO and Research Something’s Chief Cyber Security Researcher.

Schedule

5:45-6:15PM Networking/Membership signup / Dinner
6:15-7:15PM Presentation
7:15-7:45PM Q&A

NEW LOCATION Location Information

Metro Health IT Facility
985 Gezon Parkway (across from Target loading dock)
Wyoming, MI, 49519

Map