TactiFail
Thursday, December 9th – 6:12pm @ Virtual
Hello Hackers!
Apologies for the late post, but we are excited to be joined by Kyler Middleton for this last meeting of the year:
Come learn how a large healthcare company converted their static CI/CD builders from static VMs to ephemeral docker builders that are deployed via terraform into both Azure and AWS.
Kyler Middleton (she/they) has been building and repairing computers since she found out the farmers around her childhood ranch would trade brownies for computer support. She is self-taught, and has worked throughout most of the IT spectrum, from building a call center for 200+ agents, managing networks and security for ~100 vet clinics, to securing health care data in the cloud. Middleton is a PluralSight author, and owns her own consulting firm, helping secure and connect American manufacturing. She is a strong advocate for making DevOps and security approachable. She works at IAM Pulse to help engineers with cloud IAM issues, and to help shape the industry around cloud security.
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612. See you there!
— TactiFail
Thursday, September 9th – 6:12pm @ Virtual
Hello Hackers!
Hopefully everyone is recovered from DefCon last month, or just enjoyed some downtime. Either way, we are back to our regularly-scheduled hackery!
This month we are joined by Caleb Shingledecker, who is the co-founder and lead developer at the startup Becoming Machinic:
Caleb Shingledecker will provide an overview of constraints facing multi-cloud infrastructure in organizations, and outline a utility he’s been developing that utilizes Wireguard to orchestrate connections between nodes, regardless of locale or cloud vendor.
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail
Thursday, July 8th – 6:12pm @ Virtual
Hello hackers!
This month we are happy to have Jacen Kohler join us to speak a bit on physical ID forgery:
A common method of gaining legitimacy on social engineering is the “Appeal to Authority” technique. This involves preforming OSINT on your target and referencing a figure of authority. If you have a fake employee ID, you can take a step closer to becoming the authority. A forged badge can add a visual layer to your story helping target employees become more likely to see you as a legitimate entity. In this talk, I will be showing how to create simple forged IDs, share some tips that helped me in previous engagements, and give an overview of times when having a fake badge helped me achieve my goals set forth by the client.
Jacen R Kohler has been working in cyber security and information security for the last 6 years. He received his degree in Computer Engineering from the University of North Texas in Computer Engineering. His career in security consulting has taken him through many industries including finance, transportation, energy, and government.
As usual these days, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail
Thursday, April 8th – 6:12pm @ Virtual
Hello Hackers!
This month we are happy to have @grnbeltwarrior speak on red team phishing operations:
Where is the Red Team? There’s a sign here that reads: Gone Phishing. I am aiming to cover some ground on what is phishing. A brief inventory of what you can have in your tackle-box. OSINT for phishing, OPSEC considerations, seeding and paying attention to details can clue you into combining technologies to get a user to click.
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.
See you there!
— TactiFail
Thursday, April 1th [sic] – 6:13PM [sic] @ Virtual
Hello, Hackers!
This month, we are excited to have not one, but TWO meetings scheduled! The normal “second Thursday” meeting will be on April 8th as usual, and details will be posted in a separate update, but we have a special Totally Serious meeting this Thursday, April the First, at 6:13 PM (6:12 PM had a scheduling conflict) as well!.
We will have three speakers, each presenting a short 10-minute talk on a topic of their choice. This is ground-breaking research, and we are proud to be able to share it with you. The speaker deck includes:
- “Cyber Meteorology: Cloud to Lake and back again…” An unclassified DoD briefing on the Data Water Cycle and its threats and opportunities. – @hackermatic
- “C aF*@!” The cipher everyone is using and you didn’t know it – @435ftw
- “Modernizing the pathos of the software development life cycle to adhere to post pandemic mental health” – @strongthany_
Possibly not in that order, but we’ll see (our PRNG is a bit wonky lately). Either way, very excited to see you all this Thursday, April 1th [sic].
As usual these days of Covid and ships getting stuck sideways in the Suez Canal, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail