Author: Johnathan Wong

Good morning everyone,

As midterms approach, we also have many BIG TICKET events coming up. This post should serve as a good reference for dates and times – it will be updated as more details come to light! First, two things to arrive in the near future:

1. Please watch the Discord announcements this week and next week. There will be a lot of announcements concerning ISSessionsCTF2020 on March 14 @ Trend Micro Office in Toronto. Spots are limited. You will want to be well-informed on any news and information surrounding the event. Additionally, forming teams of 4 might be beneficial in the long run. Registration opens on Monday Feb 17. And please I humbly ask you to register only if you are 110% sure you will attend. The Eventbrite link + a detailed breakdown of event day will be posted on Friday.

2. For those unaware, Lee Kagan had some unforeseen difficulties on our original planned date. We are happy to announce that the Command and Control workshop has been rescheduled to Feb 28 8:30AM-5:00PM with the pre-workshop setup happening on Feb 27, 7:00-9:00PM. There is a new Eventbrite so kindly register again! Food (likely pizza/coffee/snacks) will be provided!

You can register for that specific event here:
https://www.eventbrite.ca/e/lee-kagan-building-command-control-servers-c2s-workshop-advanced-track-tickets-94055286895

Please note the following important dates for events during this semester:

[Monday, February 17, 9:00AM @ Eventbrite] – ISSessionsCTF2020 Registration Opens

[Thursday, February 27, 7:00PM-9:00PM @ Room J102] – Command & Control Pre-Workshop Setup

[Friday, February 28, 8:30AM – 5:00PM @ J102] – Command & Control Workshop

[Saturday, March 6, 7:00PM @ J102] – Special Meeting: How-To-CTF!

[Saturday, March 14, 8:30AM @ Trend Micro Office, Toronto] – ISSessionsCTF2020

[Saturday, April 4, 8:30AM-5:30PM @ Rooms TBD] – ISSessions Workshop Day #2, Beginner Track [Intro to Soldering by Nick, Building a DIY Rubber Ducky by Richard and Daniel], Advanced Track [Intro to Assembly by John Simpson, N-Day Vulnerability Researcher at Trend Micro]

Date: 2020-01-24
Time: 19:00 – 20:25
Location: Room J102, Sheridan Trafalgar Campus, Oakville

Agenda
19:00 – Announcements with Louai
19:05 – News Roundup with Nick and Adam
19:25 – Feature Story with Louai
19:45 – Rick’s Random Repo Rundown
19:55 – Guest Speaker Matthew Siuda on Office 365 Forensics
20:25 – Wrap and refreshments (across the street at the pub)

Just a reminder to you all we have ISSessions this Friday! We’ll have our usual news roundup with Nick and Adam, a feature story with Louai, Rick’s random repo rundown, and a special guest speaker!

Our special guest speaker is Matthew Siuda (@suede) from Kivu Consulting. Matthew will be delivering a presentation on Office 365 Forensics. Matthew (Twitter @suedeSecurity) is a recently graduate from Sheridan and has prior experience doing threat hunting and investigations for Office 365.

As companies improve their perimeter defenses, threat actors have been focusing their efforts on to the weakest link in IT Security: The human. An attacker with access to a trusted corporate email account is capable of manipulating others through social engineering to achieve their goals. How do you identify that an account has been compromised? What is the course of action for resolving a business email compromise scenario?

We hope to see you all this Friday!

Happy New Year to you all! Both school and our activities will be starting up again as we host our first meeting of the year this Friday, January 10th.

Date: 2020-01-10
Time: 19:00 – 20:25
Location: Room J102, Sheridan Trafalgar Campus, Oakville

Agenda
19:00 – Announcements with Louai
19:05 – News Roundup with Nick
19:25 – Project Den: OWASP IoT Top 10 with Nicholas Johnston
19:55 – Guest Speaker Alana Staszczyszyn on “War in the Fifth Dimension: An Overview of the Weaponization of Information”
20:25 – Wrap and refreshments (across the street at the pub)

We have a #projectden segment by our very own Nicholas Johnston! Nick (@nickinfosec on Twitter) is a professor and the program coordinator Sheridan College’s cybersecurity bachelor’s degree program. Nick will introduce us to the OWASP IoT top 10 list followed by a case study in developing an IoT product1s. This will provide us with an understanding of the root cause of common vulnerabilities.

Afterwards, we close off the night with our guest speaker, Alana Staszczyszyn, to explain an overview of the weaponization of information. Alana (@cubes_n_spheres on Twitter) is a practicing security consultant and recent Sheridan ISS graduate!

What defines a cyberwar? Does cyberwarfare actually exist, or are cyber attacks just a means of enacting warfare in the kinetic world? And, more importantly, will escalating political tensions ever result in a cyber conflict, or are we already in the middle of a global cyber cold war?

War in the Fifth Dimension explores what military doctrines, academic literature, international legal frameworks, and the media have collectively coined as the newest domain of warfare. Despite this agreeance that cyberwarfare is a plausible concept in the real world, there is little surety as to what exactly counts as an “act of war” in the cyber realm. Cyber attacks primarily target activities and “intangible” data that kinetic conflicts would separately consider to be espionage, terrorism, or psychological and economic manipulation – in other words, strictly the affairs of domestic law.