Uncategorized

Thursday, October 8th – 6:12pm @ Virtual

Written by  on September 28, 2020

Hello hackers!

Look around your workspace – do you have a wireless keyboard or mouse? If so, maybe power them off while @FreqyXin is around:

Mousejack and its associated wireless HID attack surface came to notoriety a few years ago, with the help of some exceptionally cheap hardware, and Bastille Labs’ eye-catching web site. The risk that users could be attacked through their wireless mouse or keyboard from major manufactures, certainly rattled more than a few CISOs. During this chat we will talk about Mousejack and the resulting corporate response, from my first chance exposure to the device as an intern, through to being offered a position to lead internal pen testing for uncovering massive exposure within an organization. This is essentially the story of how I broke into the security industry –while still in college, with tales of technical triumphs and hacker pranks for both red and blue team to enjoy.

Always love a good prank, can’t wait!

As usual these past few months, we will be meeting online at https://cafe.cyberia.club/dc612.

— TactiFail

Thursday, September 10th – 6:12pm @ Virtual Only

Written by  on August 31, 2020

Hello hackers!

Last month, DefCon had its first-ever fully-online, widely-distributed, fault-tolerant, canceled conference. There were some hiccups, but overall things went smoothly. While we are hopeful that it won’t need to be virtual again in the future, it was undeniably a unique experience.

This month, we have a special guest speaker who has given several talks at DefCon and other conferences, instructs for SANS, and knows a thing or two about Kerberoast. You may know him as none other than Tim Medin!

Tim will be presenting on various Kerberoast attacks and defenses:

Kerberos, besides having three heads and guarding the gates of hell, protects services on Microsoft Windows Domains. Its use is increasing due to the growing number of attacks targeting NTLM authentication. Attacking Kerberos to access Windows resources represents the next generation of attacks on Windows authentication. In this talk Tim will discuss his research on new attacks against Kerberos, including a way to attack the credentials of a remote service without sending traffic to the service as well as rewriting tickets to access systems. He will also examine potential countermeasures against Kerberos attacks with suggestions for mitigating the most common weaknesses in Windows Kerberos deployments.

Whether you are an attacker or a defender, or just a curious hacker, or all three, this is not to be missed.

As usual these past few months, we will be meeting online at https://cafe.cyberia.club/dc612.

— TactiFail

August 2020 – DC612 is Canceled!

Written by  on August 3, 2020

Hello Hackers!

As most of you have probably gleaned, DefCon is canceled. For real. Sort of.

Since DefCon is moving to a virtual-only SafeMode this year, things are a little different to say the least. Nobody really knows what it will be like. Will there be connection issues? A DDoS? Will DNS stop working? Probably all of them at once if we’re being honest.

This is definitely a unique situation to find ourselves in, and one that will hopefully not repeat in 2021. As such, we are encouraging everyone to experience it in its fullest (if you are able) and we will not be having a DC612 “meetup” like we normally would in Vegas. Take this time to see what works and what doesn’t, what needs improvement, and maybe take some notes for our future virtual meets.

With luck, masks, and common sense, we’ll see you all in-person next year. But hopefully sooner. But probably not. Expect a September virtual meeting to be planned as usual.

— TactiFail

Thursday, July 9th – 6:12pm @ Virtual Only

Written by  on July 5, 2020

I hope this post finds you happy and healthy and thoroughly unmelted.

I think if this heat continues, its bound to cause power disruptions and my availability zone will experience connectivity issues. For those non-cloud people, that means I’ll be hiding in my house until the Fall.

Fortunately, this months DC612 is Virtual! So even if you’re like me and skeptical of the outside, DC612 can be beamed into your homes, apartments and yurts.

For the July meeting, Kat, one of the DC612 organizers will be speaking on topic she has become a recent, unwilling expert.


GCP IAM 101

Identity and Access Management (IAM), is a framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources.” 

Google Cloud Platform (GCP), is like any system in that it has needed to design a framework for authenticating Users and authorizing them to access resources. How GCP and its IAM system has evolved tells a story about what is important to them, and how their products as a whole have evolved.

In this talk I will start at the very basics, like, who is a WHO in GCP and how are permissions granted to them. I’ll talk about the basic structure of GCPs Cloud IAM, and some of the strong design decisions that are pervasive in the platform. Finally I’ll talk about the what constitutes privilege in GCP and a few ways to get it.


This month, as in the past, we will be virtually hosted the the gracious https://cyberia.club/.

Link to the Jitsi meeting to posted ~1 hour prior to meeting on Twitter and Slack.

Hope to see my Hacker family there.

-kat

Thursday, May 14th 2020 – 6:12PM @ Virtual Only

Written by  on May 2, 2020

Update: https://cafe.cyberia.club/DC612

Hello hackers!

This month we are to be joined by Tom Pieragastini, a local penetration tester who will be teaching us about API hacking:

Increasingly web applications are relying on backend API services in order to query data, write data to databases and perform backend functions. On some levels the shift to API centric applications presents conditions that are very similar to testing traditional web applications, while on other levels the presence of APIs fundamentally changes the methods and tools utilized during testing. This shift in the application space becomes more prevalent everyday, and has changed the face of web application testing.

I’ve worked with Tom directly and am excited to have him present.

This is another virtual-only meeting. We will again be using Jitsi, courtesy of our friends at Cyberia. Please forgive any technical issues as we continue to figure out this new platform. The meeting URL will be shared an hour before the meeting is set to start on Thursday. See you all there!

— TactiFail

Where: Online! Please do not meet at our usual spot 🙂
When: Thursday, May 14th, 2020 @ 6:12PM