TactiFail
Thursday, July 8th – 6:12pm @ Virtual
Hello hackers!
This month we are happy to have Jacen Kohler join us to speak a bit on physical ID forgery:
A common method of gaining legitimacy on social engineering is the “Appeal to Authority” technique. This involves preforming OSINT on your target and referencing a figure of authority. If you have a fake employee ID, you can take a step closer to becoming the authority. A forged badge can add a visual layer to your story helping target employees become more likely to see you as a legitimate entity. In this talk, I will be showing how to create simple forged IDs, share some tips that helped me in previous engagements, and give an overview of times when having a fake badge helped me achieve my goals set forth by the client.
Jacen R Kohler has been working in cyber security and information security for the last 6 years. He received his degree in Computer Engineering from the University of North Texas in Computer Engineering. His career in security consulting has taken him through many industries including finance, transportation, energy, and government.
As usual these days, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail
Thursday, April 8th – 6:12pm @ Virtual
Hello Hackers!
This month we are happy to have @grnbeltwarrior speak on red team phishing operations:
Where is the Red Team? There’s a sign here that reads: Gone Phishing. I am aiming to cover some ground on what is phishing. A brief inventory of what you can have in your tackle-box. OSINT for phishing, OPSEC considerations, seeding and paying attention to details can clue you into combining technologies to get a user to click.
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.
See you there!
— TactiFail
Thursday, April 1th [sic] – 6:13PM [sic] @ Virtual
Hello, Hackers!
This month, we are excited to have not one, but TWO meetings scheduled! The normal “second Thursday” meeting will be on April 8th as usual, and details will be posted in a separate update, but we have a special Totally Serious meeting this Thursday, April the First, at 6:13 PM (6:12 PM had a scheduling conflict) as well!.
We will have three speakers, each presenting a short 10-minute talk on a topic of their choice. This is ground-breaking research, and we are proud to be able to share it with you. The speaker deck includes:
- “Cyber Meteorology: Cloud to Lake and back again…” An unclassified DoD briefing on the Data Water Cycle and its threats and opportunities. – @hackermatic
- “C aF*@!” The cipher everyone is using and you didn’t know it – @435ftw
- “Modernizing the pathos of the software development life cycle to adhere to post pandemic mental health” – @strongthany_
Possibly not in that order, but we’ll see (our PRNG is a bit wonky lately). Either way, very excited to see you all this Thursday, April 1th [sic].
As usual these days of Covid and ships getting stuck sideways in the Suez Canal, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail
Thursday, March 11th – 6:12pm @ Virtual
Hello Hackers!
This month we are happy to have Chris Weiland speak on “Hacking Local Politics”:
As the lines between technology and society become blurred (or even non-existent), it’s becoming increasingly important for those with technical expertise to become involved in government. Anyone can show up to a local council meeting or send an email to their congresswomen, but if your goal is to be a truly effective activist you need to be strategic.
Chris Weiland is a freelance nerd and the co-chair of Restore the Fourth Minnesota. He has been engaged with various political projects over the years, most recently playing an active role in the push for a ban of face recognition technology in the city of Minneapolis. In this talk he will discuss the lessons he has learned over years of local political activism, and how you can transfer technical expertise into effective political action.
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail
Thursday, February 11th – 6:12pm @ Virtual
Hello hackers!
This month we are happy to have Colin Lee speak on “Your Code Security Blanket”:
Colin is an Android software developer at http://Meetup.com. He has evaluated code security while working at Amazon and Mozilla and as an independent contractor for banks and other organizations. In that time, he’s caught numerous security flaws in production code.
Amazon keeps a tight lid on their security processes. They even run an internal conference designed to look and feel like Defcon for their employees, so very few attend the real event.
We’ll examine how Amazon reviews their corporate code for security flaws. Also, we’ll see how several high profile security incidents were caused by common coding errors.
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail