ISSessions 09-24-2020

Are you curious about how to get started jumpstarting your InfoSec/Cyber Security career? Don’t worry – we got you covered!We have secured 5 tremendous InfoSec professionals who want to share their knowledge with you.

Hey there everyone!

When you hear about the meeting we have in store… just brace yourselves! Get ready, because, on Thursday, September 24th at 7:00 PM, we have a star-studded line-up planned! We will be live on Discord and YouTube as always!

Are you curious about how to get started jumpstarting your InfoSec/Cyber Security career? Don’t worry – we got you covered!We have secured 5 tremendous InfoSec professionals who want to share their knowledge with you. It will be an open discussion forum led by our very own Event Manager and VP, Jamie & Louai. You have the opportunity to contribute your questions by either filling out the form below or asking you questions on Thursday night!

Link to ask questions: https://forms.gle/YTDw3W7fxkU3FN8f9

YouTube Link: https://www.youtube.com/watch?v=MxGGPU9qWHE&ab_channel=ISSessions

Discord Link: https://discord.com/invite/YYeezah

Our incredible panel of guests includes many faces you may already know in addition to some new ones too:

Alana Staszczyszyn
Alana Staszczyszyn is a practicing security consultant. Her past and present work has focused on penetration testing and security governance in the public health sector. She is also heavily interested in various political, socioeconomic, and cultural aspects of cybersecurity, particularly on how the intersections of security and those domains have given rise to new cyber-threat landscape risks.

John Simpson
John graduated from the Sheridan Information Systems Security program in 2015 and is currently a vulnerability researcher and team lead with Trend Micro in Toronto. He started his career with a coop position at Deloitte and stayed on board after graduation, working in Security Operations Center engineering and vulnerability assessment/penetration testing roles. In his current position, John reverse engineers vulnerabilities to write proof-of-concept exploits and devise network detection strategies to catch exploitation attempts. During the last 4.5 years in his current role, he has discovered several new vulnerabilities, authored blog posts for Trend Micro and Zero Day Initiative, and spoken at several conferences.

Nicholas Johnston
Nick is the program coordinator for, and professor in, Sheridan College’s Honours Bachelor of Applied Information Sciences (Information Systems Security) degree program. Previous to his academia role, Nick led an incident response team, worked as a computer forensic investigator, programmer, penetration tester, secure code auditor, and general InfoSec consultant. You can find Nick on Twitter at @nickinfosec where he’ll either be tweeting cringe-worthy cyberpuns or electronics/maker questions.

Lee Kagan
Lee started in IT and security world in 2010 in Toronto, Canada. When Lee isn’t tip-toeing through enterprise’s Active Directory environments, he’s running the DerbyCon Toronto Community Chapter, the Canadian Collegiate Cyber Exercise (C3X), and as an instructor teaching Canadian offensive and defensive professionals ways to up their game. Lee has spoken at multiple events and conferences such as BSides and SecTor. In his spare time, Lee is an executive chef at a restaurant in his mind.

Olivier Lemelin
Olivier is currently a Threat Hunter at a major Canadain Telco and has been a part of the security industry for the last five years. He believes that the modern web browser is too complex and could be replaced by a well-behaved terminal environment and a bunch of Gopher servers. In his free time, he enjoys binary exploitation, Emacs, LISP programming, and gardening, all from the comfort of his $HOME.

We hope to see you all there! You definitely won’t want to miss this ISSessions meet-up 🙂

– ISSessions Executive Team

Virtual ISSessions Meeting on 2020-08-27

ISSessions this Thursday at 7:00 PM and we have two special segments planned. A debrief of our favorite talks and workshops from #DEFCONSafeMode along with a presentation on #ActiveDirectory and #Kerberos from Alex Kozlov

Attention everyone!

As summer winds down and we get ready to go back to class (online though…), we want to show you what ISSessions is about. If you have never been to an ISSessions meet-up, now is your chance. We have a very appealing meet-up planned this Thursday, August 27 @ 7:00 PM, for all infosec walks of life.

To start, Kurt will give an update with what’s happening in ISSessions, followed by the most critical infosec news to date with Nash and Yusef. Next, your amazing exec team will walk you through our favorite talks from Defcon a couple of weeks ago. We’ll finish off the night with a presentation/walkthrough from an inspired and knowledgeable community member and red teaming professional.

Watch on YouTube: https://bit.ly/2YFdENq

Defcon Week Debrief: Favourite Talks & Workshops Now that Defcon: Safe Mode is behind us, it’s time for a debrief! In this segment, your club executives will discuss their favorite Defcon: Safe Mode talks and workshops! A particular emphasis will be placed on new learnings and paradigm shifts! In the end, we’ll open up the discussion to the broader audience, so please feel free to contribute! Still haven’t watched any talks yet – now is your chance: https://www.youtube.com/user/DEFCONConference/playlists

Attacking Active Directory: As told through Hack The Box Active Directory and Kerberos are some of the most prevalent and efficient systems in internal network environments. As such, it’s also pretty easy to overlook misconfigurations or possible vulnerabilities in these services. As penetration testers, understanding Active Directory is essential to attacking corporate networks- why pop boxes when you can abuse built-in features? In this talk, Alex will be walking through how to abuse one such flaw to get the goods and plant yourself on a system.

Alex Kozlov is the Team Lead for the penetration testing & Red Team divisions at Access 2 Networks.

The exec team is pumped for this meeting and we hope you are too. Be sure to check it out as it’s our last meeting before school starts up again! See you all there!

ISSessions – 2020-07-30

We have another revolutionary ISSessions this Thursday, July 30th. We will be having our first-ever Hack The Box walkthrough! If you’ve never done hack the box, you’re in luck! We’ll be getting our feet wet with Legacy, a Windows box. Don’t miss it!

This week’s ISSessions meetup details:

  • Date: 2020-07-30 (Thursday)
  • Time: 19:00-21:00
  • Location: VIRTUAL (Discord + YouTube)

Agenda
19:00 – Announcements – Kurt 🎙
19:10 – News Roundup – Adam & Yusef 🗞
19:30 – Repo Rundown – Nick 💡
19:45 – The Legacy Box: Hacking SMB – Cem, Nashad, & Louai 🔐 

Fellow Hackers!

From all of us at ISSessions, we hope you are staying safe and enjoying yourself as the world opens up!

We have another revolutionary ISSessions this THURSDAY (Yes! Thursday, not Friday). We’ll start the meet up with Kurt’s announcements followed by the biggest news in infosec with Adam and Yusef. Then, Nick will take us through another one of his informative and enlightening Repo Rundowns. Finally, we’ll wrap up the night with our first-ever Hack The Box walkthrough! If you’ve never done hack the box, you’re in luck! We’ll be getting our feet wet with Legacy, a Windows box.

The Legacy Box: Hacking SMB by Cem, Nashad, & Louai
Hack The Box is an online platform used by InfoSec professionals and enthusiasts to test and advance penetration testing and cybersecurity skills. In this portion, your incredible club execs Nash and Cem will be walking you through the whole exploitation process from initial access to full compromise.

Many of the machines on HTB can be solved with some research and trial & error. However, do you really know whats going on under all the scripts and shells? For all the blue teamers and reverse engineers amongst you, good old Louai will be walking you through a more in-depth overview of the exploits used, and how to defend against them.

We hope you join us this THURSDAY for this spectacular ISSessions!

-ISSessions