Uncategorized
Thursday, February 11th – 6:12pm @ Virtual
Hello hackers!
This month we are happy to have Colin Lee speak on “Your Code Security Blanket”:
Colin is an Android software developer at http://Meetup.com. He has evaluated code security while working at Amazon and Mozilla and as an independent contractor for banks and other organizations. In that time, he’s caught numerous security flaws in production code.
Amazon keeps a tight lid on their security processes. They even run an internal conference designed to look and feel like Defcon for their employees, so very few attend the real event.
We’ll examine how Amazon reviews their corporate code for security flaws. Also, we’ll see how several high profile security incidents were caused by common coding errors.
As usual these days of Covid, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail
Thursday, January 14th – 6:12pm @ Virtual
Hello my fellow Hackers and Humans !
This month, we don’t have any big speaking engagement booked, instead we’re going to take a more down tempo approach to our January meeting. And as my 2020 mood bleeds into 2021, I thought we’d try something a little different.
Next week, we will have an open and themed discussion entitled “My favorite sticker (or badger)“.
Bring your favorite sticker or badge to @DC612 on Thursday and tell us a story. I want to hear why its your favorite, what fun memories you have of your con swag ?
Let’s spend some time dreaming of stickers, badgers and cons past and future.
Open hangout start from 6pm CST onwards.
-kat
Thursday, December 10th – 6:12pm @ Virtual
Happy December Hackers !!
This month we have a special remote guest all the way from Chennai! I for one am ready to be enthralled by black art of virtual machine management!
Setting up a Pentesting Lab with Vagrant
Vagrant is a tool that helps with the management of virtual machines. In this talk, we will explore what is, why Vagrant, some Vagrant basic commands and Vagrant features like scaling and provisioning.
We will end the talk by setting up the pentesting lab using the Vagrant. By the end of the talk, the attendees can able to understand the basics of Vagrant.
About Our Speaker – @joshva_jebaraj
Joshua Jebaraj is a student currently pursuing his undergrad at Vellore Institute of Technology Chennai. He is an active member of many open-source communities like Null, Ansible and Hashicorp He frequently speaks at the @nullchennai chapter and #OwaspVITChennai.
He has also spoken at conferences like Owasp-Seasides, Bsides-Delhi and Open-Security-Summit. He also holds a certification for CDP. When away from the screen he can be found watching movies and making memes
– @nightmareJS
Thursday, November 12th – 6:12pm @ Virtual
Hello hackers!
This month we will have our heads in the clouds as Yoni Leitersdorf performs a live demo of 5 days’ worth of research into non-traditional cloud hacking:
Oftentimes, when we think about protecting resources in the cloud, we immediately think about the typical ways in – via public-facing applications or abuse of credentials. In this talk, we will look at one additional way: through the work unit parameters of a service. During the development of Indeni’s Cloudrail SaaS product, Yoni was responsible for trying to find ways to hack into the service. One of the ways he found, raises questions about how secure ECS workloads really are.
As usual these past few months, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail
Thursday, October 8th – 6:12pm @ Virtual
Hello hackers!
Look around your workspace – do you have a wireless keyboard or mouse? If so, maybe power them off while @FreqyXin is around:
Mousejack and its associated wireless HID attack surface came to notoriety a few years ago, with the help of some exceptionally cheap hardware, and Bastille Labs’ eye-catching web site. The risk that users could be attacked through their wireless mouse or keyboard from major manufactures, certainly rattled more than a few CISOs. During this chat we will talk about Mousejack and the resulting corporate response, from my first chance exposure to the device as an intern, through to being offered a position to lead internal pen testing for uncovering massive exposure within an organization. This is essentially the story of how I broke into the security industry –while still in college, with tales of technical triumphs and hacker pranks for both red and blue team to enjoy.
Always love a good prank, can’t wait!
As usual these past few months, we will be meeting online at https://cafe.cyberia.club/dc612.
— TactiFail