Thursday, October 10th 2019 – 6:12PM @ Wilde Cafe

Written by  on October 3, 2019

Hello Hackers!

This month, we’re visited by @jessica_schalz as she delivers her presentation from BSidesMSP 2019. From the abstract:

As organizations adopt DevSecOps, security professionals interact more and more with pure development teams.

If you’ve ever explained why security is important to a developer, you’ve probably run into a language barrier.

This talk is given by a developer/casual hacker that wants to help infosec communities understand communication pitfalls; some common language we can all use; and what developers need from security to succeed.

See you all then!

— TactiFail

Where:  Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, October 10th 6:12PM

Thursday, September 12th 2019 – 6:12PM @ Wilde Cafe

Written by  on September 3, 2019

Hello Hackers!

This month, we’re keeping it simple. Show up, get food, get drinks, and join in a group discussion / debrief of DefCon 27. No planned talks, just good old fashioned socialism hour.

— TactiFail

Where:  Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, September 12th 6:12PM

Thursday, July 11th – 6:12PM @ Wilde Cafe

Written by  on July 4, 2019

Hello Hackers!

This month, our last before we take a break for DefCon proper, we will enjoy a presentation by Gabe Thompson (@grnbeltwarrior) entitled “All your RF belong to us – Not just another RTL-SDR 101 talk”. In his own words:

While not another 101 talk, I’ll hit the high points of RTL-SDR hardware. Then hit some software that comes in handy when looking for interesting radio frequencies. Focusing on gqrx, an open source software defined radio, we will look into what some of the common frequencies look like in the waterfall (AM/FM and finally POCSAG/FLEX). Short definition of what FLEX and POCSAG are and what they are used commonly for. Show how to identify these in the waterfall and some common ranges for them in North America/United States. Lastly go into demonstrating finding them using gqrx, rtl-sdr dongle and other software to display messages.

Sounds exciting, and is definitely something I have wanted to learn more about.

And one more time, a reminder that we will *not* be meeting at Wilde Cafe in August since many of us will be in Vegas for DefCon. We might organize a meetup there and post something, TBD.

— TactiFail

Where:  Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, July 11th 6:12PM

Thursday, June 13th – 6:12PM @ Wilde Roast Cafe

Written by  on May 30, 2019

Hello Hackers!

This month we have two minor updates to get out of the way before we get to our speaker:

  • The name of the venue apparently changed from “Wilde Roast Cafe” to just “Wilde Cafe” somewhat recently so we’re changing the post titles and details accordingly. Hopefully this helps clear up any confusion as to where we actually meet 🙂
  • At our last meeting we were asked the age-old question of “When does DC612 actually start?” and I gave the age-old answer of “Some time between 6 and 6:30 but it really depends on traffic and weather.” Someone suggested we start at 6:12 and dammit that’s just what we’re going to do going forward.

That’s it for the updates, now onto the speaker!

Some of you who have been around for a while might remember Spenser Reinhardt AKA @c0mmiebstrd. He was a regular of DC612 until he moved out of state for work, but he’s back visiting this month and will be giving us an overview of the radare2 reversing framework. In his own words:

Radare2 is a free suite of tools for reversing, exploit development, binary diffing and all sorts of things! This month Spenser will take us through a Trail of Bits CTF challenge using r2 and python. If you’d like to follow along, you’ll need a Kali Linux 2019 system or virtual machine, and the files from here:

I’m excited to have him back, and the subject matter doesn’t hurt matters either – see you all there!

— TactiFail

Where:  Wilde Cafe – 65 Main St SE, Mpls.
When: Thursday, June 13th 6:12PM

Thursday, May 9th – 6PM @ Wilde Roast Cafe

Written by  on May 2, 2019

Hello hackers!

This month, DC612 founder David Bryan (VideoMan) will be giving a preview of his upcoming Thotcon talk titled “Goldilocks and the three ATM attacks”. The abstract reads as follows:

Automated Teller Machines (ATM) attacks are more sophisticated than ever before. Criminals have upped their game, compromising and manipulating ATM networks, software and other connected infrastructure. Between having a third-party manage these machines, and ATMs deployed on low-bandwidth links, it’s an inevitable wild-west environment. In this talk I will review three case studies of ATM attacks, showing how they have become more dangerous than ever before. In this session, I will discuss unknown ATM flaws our pentesting team has uncovered while performing testing, the various ways criminals are attacking ATMs, the many security problems that we have identified with ATM systems, and what can be done to prevent these attacks. I will review three case studies of ATMs. One where the ATM security was extremely poor; One where the security was very good but the ATM still fell victim to an attack because we discovered a zero-day in the management software; And one where the security was just right- but its specific deployment had some major flaws that ultimately led to an ATM compromise. In this last case, the attackers side-loaded an application, and were able to run a criminal ring that led to $7M USD in losses.

Exciting stuff – hope to see you all there!

— TactiFail

Where:  Wilde Roast Cafe – 65 Main St SE, Mpls.
When: Thursday, May 9th 6PM