SecDSM

SecDSM, a monthly meetup providing the opportunity to network with other InfoSec pros and listen to short tech talks presented by your fellow members (or give a presentation yourself!) while enjoying some beer/drinks/food. No sales pitches. The idea is to provide you actionable knowledge for you to take back to your $dayjob while building a top tier InfoSec community in the Des Moines area. If you have the desire to learn about real world InfoSec scenarios - get out of your comfort zone - and join us in a relaxed vendor neutral environment. No registration is required.

Schedule

We meet monthly, on the 3rd Thursday starting at 6pm at The Forge By Pillar Technology (now part of Accenture Industry X.0) in Downtown Des Moines.

Submit a Talk!

Permission to record

Permission to stream

Permission to publish recording

SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Nick Starke - Tool Talk Router and switch exploits: a brief history and primer6:30 PM

Have you ever put off updating your switches and / or router? Patching your switches is just as important as patching your other infrastructure. Bad guys can take advantage of unpatched switch versions to launch attacks against your organization. Join us as we look at the history of switch exploitation and look at example exploits.

Sean Flattery Magecart style attacks and the dangers of trusting 3rd party Javascript7:00 PM

The Magecart threat actor has had great success by compromising popular Javascript code used by shopping carts of many sites. This supply chain attack is very effective as it propagates to all sites using it. Better yet, since it's Javascript the code is only seen client side which keeps ecommerce sites in the dark about what's going on. We'll go over some possible solutions for website admins such as subresource integrity.

David Cossa Red Teaming Made Easy With PrivExchange & PowerPriv - What Attackers (and Defenders) Need to know8:00 PM

A new zero-day dropped a few weeks ago that allows any domain user with a mailbox to escalate their rights in AD and get Domain Admin with a single call to an on-prem Exchange Server. I extended this attack for use in remote operations, allowing for usage without needing to drop files to disk, local admin rights, or knowing any passwords at all. Any shell on a user account with a mailbox domain admin. In this talk we'll cover the technical details behind how the attack works, go through a demo of it in operation, and review what steps can be taken to prevent successful exploitation on your network.

Sponsored by

Want to become a sponsor?

SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Pavel (Pav) Trinos Bypassing wired 802.1x and ways to prevent it

Most people know that using 802.1x for port-based Network Access Control is the most secure way. What if I told you that there is a way that anyone could bypass it in 99% of today's implementations? In this talk, I will cover TLS based authentication of 802.1x standard and how re-authentications work on the wired side. Based on this knowledge, I will introduce approaches for bypassing 802.1x and available remediation to the problem. This ability to bypass wired controls during Pen Testing or other security related assessments will open the doors to better securing corporate networks.
As an example, I will be using Cisco ISE and Cisco switch to bypass and later on remediate the issue

TOOOL Des Moines Locksport

A side room will be dedicated to locksport.

Sponsored by

Want to become a sponsor?

SecDSM 101 6:00 PM

A brief introduction to the group along with any announcements and general communication.

James Beal - SecDSM News 6:05 PM

Quick Review of the Month's InfoSec news.

Benjamin Blakely Machine Learning Primer and Cyber Applications

Machine Learning, Artificial Intelligence, Big Data: these terms are everywhere in marketing, research, and the news. Many companies now incorporate some element of machine learning into their information security product offerings as this is often the only way to handle the large volumes of data produced. As we're faced with terabytes (often on a daily basis) of data, can humans ever keep up or do we need to enlist the help of friendly robots to help us out? How smart are these robots and what's the difference between Artificial Intelligence and Machine Learning anyway? Is a neural network really like a human brain? What kinds of information security problems is machine learning good for (or not)? In this session, designed as an introduction to machine learning for cyber security professionals, we will cover an overview of the background, types, and use cases for machine learning, and help you make better decisions about how to use these technologies in the right way to get your arms around your data.

Benjamin Blakely is a cyber security researcher at a US Department of Energy national laboratory. Previously, he has held positions in the private, public, and education sectors, and built an information security program to support growth of a cloud software startup through its initial public offering into the thousands of corporate customers. He earned his PhD and BS degrees in Computer Engineering from Iowa State University, with minors in psychology and political science. He holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) certifications, and is the lead inventor on two patents related to encryption key management in cloud infrastructures.