Campfire Stories - 15 minutes each

Presented at Wild West Hackin' Fest 2019, Oct. 25, 2019, 9 a.m. (300 minutes)

**9:00am - Branden Miller - Email header analysis... the hard way** There is a treasure trove of data that one can get from email headers. Many tools provide this data in easy to read formats automatically, but, to fully understand what is going on, one must understand the types of data. This talk will introduce the data, help the user synthesize the data, and turn it into intelligence.

**9:20am - Frank Vianzon - Anatomy of a phishing attack** Per the Verizon Breach Report of 2018, phishing is on the rise. In this talk we will look at a few really good phishing e-mails that I received and break down how to recognize it, how to protect yourself against it and how to perform a basic analysis of what the phishing e-mail is doing using the Burp Proxy Suite.

**9:40am - Heather Lawrence - Higher Ed and the Infosec Skills Gap** Some 37% of the 2018 ISC2 Workforce Study indicated that they were concerned about the lack of skilled cybersecurity personnel while almost 60% indicated that their organization is at risk due to the staff shortage. This talk discusses the current availability and quality of infosec higher education, how few institutions are preparing their students with the skills they need, and effective training methods that organizations can use to bridge the gap in-house.

**10:00am - Bob Hewitt - Our Adventure with an Awareness Training Escape Room** Are you as tired of Annual Awareness Training as your users are? It might be time to change up your approach to Security Awareness Training with some gamification. Escape Rooms can be fun and a great opportunity for team building while demonstrating your Information Security Awareness objectives. Participants are faced with a series of scenarios that require actions that reflect your organization's policies, procedures and best practices.

**10:20am - Josh Fu - The Real Deal about AI** Artificial Intelligence (AI) is impacting our world in previously unimaginable ways and vendors love to say they use it. But how does it really work? If you are looking for the real deal about this industry buzzword, this is the talk for you. We will cover the history of this incredibly innovative technology, what it is and what it is not, the steps required to produce a solution, the subfields that make up AI, how various industries are using it, and at the end of the presentation provide the reference list for you to dive deeper into this next generation field and get started for yourself.

**10:40am - Bronwen Aker - URL Hacking - How to Cut the Tracking Cruft** Have you ever read a web page and wondered what all that weirdness in the URL means? It’s not rocket science, but there is madness behind the method of how those URLs are put together, and you can learn how to use it to your advantage. Hidden in plain view are the tracking codes companies like Google, LinkedIn, Amazon, and others use to track where you go online and how you got there. Trimming those codes from your URLs is easy, makes your links friendlier, and prevents would-be online trackers and their marketing masters from keeping tabs on you. Come along as we hack some URLs so you can clean that marketing malware from the links you use and share with others.

**11:00am - Edward Ruprecht - When logging everything becomes an issue** Discussing potential issues with logging Sysmon and PowerShell logs. Potential sensitive data leakage, best practices, and scalability issues.

**11:20am - Josh Rykowski - Gamification and Andragogy - A Match Made for Workforce Empowerment** In this talk I discuss the series of trials and tribulations faced when developing a programming competition aimed at energizing a large (approximately 700 individuals) existing employee population within our organization and trying to stoke their excitement about learning how to script and program.

**1:00pm - Heath Adams - What I Learned After a Year as a Cybersecurity Mentor** Cybersecurity professionals are life-long learners. We put in our 40+ hours a week at work, but it never ends there. The field is constantly changing. Every day, something new comes out. A new exploit. A new patch. New software. A tactic that worked yesterday might no longer work today. Because of this constant state of metamorphosis, a cybersecurity pro is always studying. We are reading news articles. We are catching up on Twitter. We are working on certifications, on a CTF, or whatever it is that keeps our endorphins escalated. We never stop. Many people come in seeing the sexy, only to bail when they realize the level of effort needed to succeed. In my belief, this is why we have (and always will have) a shortage in the field. This talk will provide guidance and resources available to network, find jobs and succeed in the field of cybersecurity.

**1:20pm - Bruce Norquist - STRIDE Threat Model of a Cloud Application & Associated Cloud Baggage** This presentation is on a generic SAAS application and associated Cloud Stack’s Threat Model. The central theme of this discussion uses VISIO drawings of the SAAS, PAAS, and IAAS and the related STRIDE set of threats. STRIDE is a model of threats developed by Praerit Garg and Loren Kohnfelder at Microsoft for identifying computer security threats. It provides a mnemonic for security threats in six categories. The threat categories are:

  • Spoofing of user identity
  • Tampering
  • Repudiation
  • Information disclosure (privacy breach or data leak)
  • Denial of service (D.o.S)
  • Elevation of privilege


  • Heath Adams
    Heath Adams is a Senior Penetration Tester. He has a strong background in network administration and information security, including penetration testing, network design and implementation, and network security. Heath currently holds multiple cybersecurity related certifications, including the OSCP, OSWP, and the eWPT. Heath also proudly served as an officer in the Army Reserve. Outside of work, Heath is an online cybersecurity instructor, YouTuber, and Twitch live streamer. When Heath is not at work, he enjoys spending time with his wife, Amber, and their 4 animal “children.”
  • Josh Rykowski
    Josh Rykowski @ryko212 currently serves as a Cyberspace operations officer for the US Army where he has led a Cyber Protection Team and worked to develop specialized training for those same teams. On his convoluted path to cybersecurity he obtained a Bachelor of Science in Electrical Engineering from the United States Military Academy and a Master's Degree in Computer Science from Rice University focusing on multi-robot systems.
  • Heather Lawrence
    Heather Lawrence is a data scientist for the Nebraska Applied Research Institute who earned her undergraduate and master's degrees in Computer Engineering from the University of Central Florida. In previous lives she was a USN nuke, VA photographer, NCCDC winner, Hack@UCF mom, and darknet marketplace miner. Her current research centers on the application of machine learning to intrusion detection. @infosecanon
  • Edward Ruprecht
    Lead Cyber Security Engineer at FM Global
  • Josh Fu - Cylance
    Josh Fu (Twitter @jfusecurity) is a security professional at Cylance and was the founder of the west coast chapter of the International Consortium of Cybersecurity Professionals (ICMCP). His ability to turn technical concepts into easy-to-understand plain English has led him to present at conferences around the world focused on security, artificial intelligence, and IoT and for groups such as ISACA, ISC2, MGTA, IANS, and SANS. He is also a published author in ThreatVector, Cyber Defense Magazine, and Information Security magazine. @jfusecurity @cylanceinc
  • Bob Hewitt
    Bob works for a Software as a Service provider that services charitable foundations and financial institutions where he is responsible for program management, compliance, SOC operations, penetration testing, and privacy. He consults several organizations on beginning and managing their information security programs and is a SANS Community Instructor. He is an advocate that defenders must be capable of blue team functions as well as red team to be successful and has earned GCIH, GPEN and GWAPT certifications. He has also achieved other certifications including the CISSP, GSEC, and CIPP/E. Justin is a Systems Administrator for a Software as a Service provider that services charitable foundations and financial institutions. He is a self-ascribed “nerd” with a sizeable video and board game collection. He is a nostalgic child of the 90’s and has no interest in growing up any time soon. @infosecbobh
  • Frank Vianzon
    Frank Vianzon works in Corporate Risk Management during the day but also writes and teaches classes at the local colleges and is a Board Member at OWASP. Frank currently holds three SANS certificates for GPEN, GCWN and GISP.
  • Branden Miller / f0zzie as Branden Miller
    Branden Miller retired from the US Navy in 2011 after 20 years as a Cryptologic Technician. He has held several jobs within Computer Network Operations including those of a Computer Network Defense Analyst and a Computer Network Exploitation Analyst. After retirement, he has enjoyed teaching others, performing security consulting, and starting hacking projects he will never finish. @f0zziehakz
  • Bronwen Aker
    Bronwen Aker has played with computers since elementary school when she was introduced to FORTRAN programming using bubble cards. She worked for twenty years in web development, and as a technical trainer, before entering the world of cybersecurity. Today she is a graduate of the 2017 SANS CyberTalent Academy for Women, works part-time for SANS as a Subject Matter Expert and for Black Hills Information Security (BHIS) as a technical editor, all while she finishes her bachelor’s degree in cybersecurity. When not playing with computers, virtual and otherwise, she likes to go on long walks in the mountains with her dogs.
  • Bruce Norquist
    Bruce Norquist has been hooked and working security since he touched his first B3 level Compartmentalized Mode Workstation in 1994. He retired from the Army National Guard after 24 years as an Information Operations and Combat Engineer officer at NORAD/USNORTHCOM. His first Cloud Application security assessment was in 2008 and they have never stopped. Among his certifications are the CISSP and CRISC.

