ISSessions – 2020-06-19

This week’s ISSessions meetup details:

  • Date: 2020-06-19 (Friday)
  • Time: 19:00-21:00
  • Location: VIRTUAL (Discord + YouTube)

19:00 – Future of ISSessions- Kurt  🎙
19:10 – News Roundup – Adam & Yusef  🗞
19:30 – Repo Rundown – Nick  💡
19:40 – Project Den – Louai  🛠
20:00 – Break  🍺 
20:05 – Guest Speaker – Laura Harris  👑 

We have a solid ISSessions planned for you all Today! After kicking things off with Kurt’s announcements, and getting up to speed with the biggest news in infosec with Adam & Yusef, Louai will be treating us to a Project Den where he gives us the lowdown on MiniDump. To finish off the night, our guest speaker, Laura Harris, will be breaking down Bloodhound. You do not want to miss this meeting!

Building Detections for MiniDump Using Sysmon & Procmon by Louai Abboud

In an effort to escalate privileges, attackers can create core dumps of processes in memory to steal passwords, ssh keys, and sensitive information. In this Project Den segment, Louai will walk you through his journey studying MiniDump, a simple process dumping technique, all the way from threat research to rule building.

Louai is a Threat Hunting Intern at Bell. He is a former President and the current Vice President of ISSessions, the greatest (and likely only) cybersecurity club in the 7 kingdoms and the free cities.

Bloodhound 101 – Attacking Active Directory by Laura Harris

A tutorial on installing bloodhound, visualizing data, and discovering the shortest path to Domain Admin.

Laura Harris is a Security Consultant at CIBC and also a recent graduate of her Post-graduate Degree in Network and System Security. She has been in security for 3 years, taking on several different roles, some of which include Security Consultant, Security Analyst, and Pre-Sales Engineer. She currently has a keen interest in malware analysis and reverse engineering, but overall, she has a passion for analyzing.

We hope to see you all on Friday for this especially technical meetup! 

Virtual ISSessions Meeting on 2020-05-15

Howdy, everyone! Please join us for our first meeting with the new executive team on Friday, May 15th, through Discord! This will be a very important meeting and we want you all to join! The details are as follows:

Date: 2020-05-15
Time: 19:00 – 21:00
Location: VIRTUAL (Discord) 💻 

19:00 – Announcements – Kurt 📣
19:10 – News Roundup – Nick & Adam 🗞
19:30 – Repo run down – Nick 🚨
19:40 – Brainstorm Fiesta 🧠
20:05 – Break 😎
20:15 – Guest Speakers: Julian P. & Lovell S. 👑 

We will have the usual News Roundup with Nick and Adam and Nicks Repo run down. Along with this, the opportunity for YOU to tell us what you want to see from ISSessions throughout the year. Lastly, Julian P. & Lovell S., from Mandiant, will be giving us a very relevant session on their “Tales from The Trenches”.
Julian Pileggi is a Technical Manager at Mandiant, based in Toronto, Canada. His areas of expertise include enterprise incident response, digital forensics, and threat hunting. Lovell Smith is a Senior Consultant in Mandiant’s Canadian region. As part of the Incident Response team, he provides emergency services to clients when a security breach occurs.
The “Tales from The Trenches” talk is intended to provide case studies and stories from real-life incidents and investigations. The presentation will also focus on the challenges and problems that organizations faced and how they overcame them.
See you all there!