What: March Seattle Locksport and DC206 Meeting When: Mar 17, 2019 (3rd Sundays), 11:00am-~4:00pm Where: Black Lodge Research Who: (Mug, Hattz, DarkDiesel, Dune, Panic, and the DC206 community) Chef of the Month: Luck ‘o the Irish Potluck!
Black Lodge Research hackerspace hosts a monthly event with two adjacent user groups: Seattle Locksport and the DC206 Meeting. Seattle Locksport’s monthly Eastside event takes place immediately before the monthly DC206 Meeting.
DC206 Meeting is the monthly meetup of the Seattle-area DEF CON community. Locksport takes place 11:00-1:00. The DC206 Meeting takes place immediately after Seattle Locksport, starting at 1:00pm. BBQ begins after the DC206 Meeting presentation ends. This month we will be doing a potluck for St. Patrick’s Day.
DC206 Meeting Presentation:
CTF: Reaching people with fun and games by Mug
Abstract: Mug’s security team is always looking for better ways to reach employees in his Fortune 500 Company. The business environment is formal and professional. Newsletters, blogs, mandatory training courses and an optional video series with certification simply aren’t enough – as evidenced by the incident response team that’s as busy as ever. For Cybersecurity Awareness Month in 2018 we hosted a Capture the Flag aimed at technical employees of all skill levels. Mug wants to share his success and lessons learned with this little (huge), well planned (total cluster), highly funded (no systems, budget, time, or support) funtimes and subversive training activity.
Bio: Mug’s been a blue teamer for the last 21 years, owing much of his success to a “let’s be practical” approach to problem solving and having an uncanny ability to spot and address communication breakdowns. Specific areas of focus have included DFIR, network protective control and feeling the pain of building an internal PKI that’s grown well beyond its original scope. Currently in the role of security architect at a Fortune 500 company, Mug and his team lead the global success or failure of the company’s electronic information risk management practices.
Kit is only $35, and includes a large list of parts and projects. I will waive my usual teaching fee and ask students to drop it in the BLR donation box instead. I’ll start by running a 30 min slide overview of Arduino, then I will help folks get going with the first project in the kit. Students usually get 2 to 4 of the projects running during the class, and are able to finish the rest on their own.
What: February Seattle Locksport and DC206 Meeting When: Feb 17, 2019 (3rd Sundays), 11:00am-~4:00pm Where: Black Lodge Research Who: (Dr0m3, Hattz, DarkDiesel, Dune, Panic, and the DC206 community) Chef of the Month: Hattz
Black Lodge Research hackerspace hosts a monthly event with two adjacent user groups: Seattle Locksport and the DC206 Meeting. Seattle Locksport’s monthly Eastside event takes place immediately before the monthly DC206 Meeting. DC206 Meeting is the monthly meetup of the Seattle-area DEF CON community. Locksport takes place 11:00-1:00. The DC206 Meeting takes place immediately after Seattle Locksport, starting at 1:00pm. BBQ begins after the DC206 Meeting presentation ends. This month the chef will be Hattz. We’re planning hamburgers and some brats. We’d welcome some additional dishes, as well as some decent hard ciders and beers
DC206 Meeting Presentation:
Exploring PowerShell, Episode II: When in doubt, run in circles, scream and shout! by Dr0m3 (and Potato)
Previously exploring the history of PowerShell and its evolution into an OS agnostic scripting tool, this next presentation focuses on its applied use in the landscape of penetration testing.
Introducing some of the “tools” within the Nishang and Empire modules, we
will be exploring some of the use cases for these tools as part of an
attack chain.
Stephen (Potato) won'[t be able to make the presentation this time, but we
are hoping to still continue this as a series (with the both of us)–as
long as you guys want us back for more :).
Michael (Dr0m3)
This event will be videotaped by Panic. During event, remote users can interactively ask questions to speaker. You’ll need to sign in to Google Chat on the below Youtube URL. If you cannot attend, here’s the URL for the live streaming (and afterward, a copy of the video): https://www.youtube.com/watch?v=Tr4hu63l0tw
Black Lodge Research:
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
Building A, mid-building, between the coffee roaster and the security
company.
Park facing the street, not in front of other businesses, or you may get
towed.
https://www.meetup.com/Black-Lodge-Research/
https://www.facebook.com/BlackLodgeResearch/
https://twitter.com/the_black_lodge
https://blacklodgeresearch.org/
http://www.openstreetmap.org/node/2184616237#map=19/47.66334/-122.10399
https://map.what3words.com/warm.rapid.epic
https://www.youtube.com/channel/UCVZb0Q7zgrjfwncn-jcPwsg
What: February Seattle Locksport and DC206 Meeting When: Feb 17, 2019 (3rd Sundays), 11:00am-~4:00pm Where: Black Lodge Research Who: (Dr0m3, Hattz, DarkDiesel, Dune, Panic, and the DC206 community) Chef of the Month: Hattz
Black Lodge Research hackerspace hosts a monthly event with two adjacent user groups: Seattle Locksport and the DC206 Meeting. Seattle Locksport’s monthly Eastside event takes place immediately before the monthly DC206 Meeting. The DC206 Meeting is the monthly meetup of the Seattle-area DEF CON community. Locksport takes place 11:00-1:00. The DC206 Meeting takes place immediately after Seattle Locksport, starting at 1:00pm. BBQ begins after the DC206 Meeting presentation ends. This month the chef will be Hattz. We’re planning hamburgers and some brats. We’d welcome some additional dishes, as well as some decent hard ciders and beers
DC206 Meeting Presentation:
Exploring PowerShell, Episode II: When in doubt, run in circles, scream and shout! by Dr0m3 (and Potato)
Previously exploring the history of PowerShell and its evolution into an OS agnostic scripting tool, this next presentation focuses on its applied use in the landscape of penetration testing.
Introducing some of the “tools” within the Nishang and Empire modules, we will be exploring some of the use cases for these tools as part of an attack chain. ________________________________________________________
Stephen (Potato) won'[t be able to make the presentation this time, but we are hoping to still continue this as a series (with the both of us)–as long as you guys want us back for more :). Michael (Dr0m3)
This event will be videotaped by Panic. During event, remote users can interactively ask questions to speaker. You’ll need to sign in to Google Chat on the below Youtube URL. If you cannot attend, here’s the URL for the live streaming (and afterward, a copy of the video): https://www.youtube.com/watch?v=Tr4hu63l0tw
[[UPDATED: Original post had the wrong date (20th). The correct date for 3rd Sunday in January 2019 is the 21st. This event is on 2019/01/21!! ]]
What: January Seattle Locksport and DC206 Meeting When: Jan 20st (3rd Sundays), 11:00am-~4:00pm Where: Black Lodge Research Who: (TProphet, Hattz, Zach, Dune, Panic, and the DC206 community)
Black Lodge Research hackerspace hosts a monthly event with two adjacent
user groups: Seattle Locksport and the DC206 Meeting. Seattle
Locksport’s monthly Eastside event takes place immediately before the
monthly DC206 Meeting. DC206 Meeting is the monthly meetup of the
Seattle-area DEF CON community. Locksport takes place 11:00-1:00. The
DC206 Meeting takes place immediately after Seattle Locksport, starting
at 1:00pm. A BBQ begins after the DC206 Meeting’s presentation ends.
This month the chef will be Hattz. We’re planning hamburgers and some
brats. We’d welcome some additional dishes, as well as some decent hard
ciders and beers
*****
DC206 Meeting Presentation:
Travel Hacking For Make Benefit Belarus Museum of Cat! =^_^=
by @TProphet
Do you have frequent flier miles, hotel points, or bank points? Millions
of people let their points expire or spend them unoptimally on trips to
boring places like Hawaii instead of visiting the world’s best
undiscovered tourist hotspots. For example, why not visit the glorious
tractor factory and statue of Lenin in Minsk, Belarus? Speaking of
museums, there is a Museum of Broken Relationships in Zagreb, Croatia.
TProphet will discuss travel hacking tools, techniques, mistake fares,
and some of the more interesting places he has visited using travel hacks.
TProphet has been phreaking since middle school and writing for 2600:
The Hacker Quarterly since high school. These days he’s into travel
hacking, and has leveraged mistake fares, miles and points to visit all
7 continents. TProphet is the founder of AwardCat (https://award.cat).
This event will be videotaped by Panic. During event, remote users can
interactively ask questions to speaker. You’ll need to sign in to Google
Chat on the below Youtube URL. If you cannot attend, here’s the URL for
the live streaming (and afterward, a copy of the video):
Black Lodge Research:
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
Building A, mid-building, between the coffee roaster and the security
company.
Park facing the street, not in front of other businesses, or you may get
towed.
Black Lodge Research
Redmond, WA 194Members
Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…
What: December Seattle Locksport and DC206 Meeting When: Dec 16th (3rd Sundays), 11:00am-~4:00pm Where: Black Lodge Research Who: (Vincent, Noah, Zach, Dune, Panic, and the DC206 community)
Black Lodge Research hackerspace hosts a monthly event with two adjacent
user groups: Seattle Locksport and the DC206 Meeting. Seattle
Locksport’s monthly Eastside event takes place immediately before the
monthly DC206 Meeting. DC206 Meeting is the monthly meetup of the
Seattle-area DEF CON community. Locksport takes place 11:00-1:00. The
DC206 Meeting takes place immediately after Seattle Locksport, starting
at 1:00pm. A BBQ begins after the DC206 Meeting’s presentation ends.
This month the chef will be Hattz. We’re planning hamburgers and some
brats. I believe Ben is planning on making Mulled Wine. We’d welcome
some additional dishes, as well as some decent hard ciders and beers
*****
DC206 Meeting Presentation:
Open Source IA Firmware
by
Vincent Zimmer, Intel Corp.
Provide highlights on the open source firmware ecosystem, including details from the Platform Security Summit[1] and Open Source Firmware Conference[2].
Vincent Zimmer @vincentzimmer is a sr. principal engineer at Intel Corporation. He leads the UEFI Security Subteam of the UEFI Forum.
This event will be videotaped by Panic. During event, remote users can
interactively ask questions to speaker. You’ll need to sign in to Google
Chat on the below Youtube URL. If you cannot attend, here’s the URL for
the live streaming (and afterward, a copy of the video):
DC206:
https://dc206.org/
http://lists.dc206.org/listinfo.cgi/list-dc206.org
Black Lodge Research:
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
Building A, mid-building, between the coffee roaster and the security
company.
Park facing the street, not in front of other businesses, or you may get
towed.
Black Lodge Research
Redmond, WA 183Members
Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…
What: November DC206 Meeting, Locksport, and BBQ When: Nov 18th (3rd Sundays), 11:00am-~4:00pm Where: Black Lodge Research Who: (Keegan, Spooney, Dune, Panic, and the DC206 community)
** 11:00am-1:00pm: LOCKSPORT EVENT:
Dune will be running a Locksport event, starting at 11:00 until 1:00.
** 1:00pm-?: DC206 MEETING PRESENTATION:
Microarchitectural Attacks on Trusted Execution Environments by Keegan Ryan
Trusted Execution Environments (TEEs), like those based on ARM TrustZone or Intel SGX, intend to provide a secure way to run code beyond the typical reach of a computer’s operating system.
However, when trusted and untrusted code runs on shared hardware, it opens the door to the same microarchitectural attacks that have been exploited for years. This talk provides an overview of these attacks as they have been applied to TEEs, and it additionally demonstrates how to mount these attacks on common TrustZone implementations. Finally, we identify new techniques which allow us to peer within TrustZone TEEs with greater resolution than ever before.
Keegan Ryan has been a senior security consultant with NCC Group since June 2016, working primarily from Seattle. Keegan has experience with wireless protocols, reverse engineering embedded systems, TrustZone exploitation, virtualization, and cryptography. Prior to joining NCC Group, Keegan attended the California Institute of Technology, studying machine learning and applied mathematics.
This event will be videotaped by Panic. During event, remote users can interactively ask questions to speaker. You’ll need to sign in to Google Chat on the below Youtube URL. If you cannot attend, here’s the URL for the live streaming (and afterward, a copy of the video):
https://www.youtube.com/watch?v=_oHqpSqHVX4
** post-EVENT BBQ:
The BBQ starts after the presentation ends. This month the chef will be Spooney. We’re planning hamburgers and some brats. I believe Ben is making Mulled Wine this month.
We’d welcome some additional dishes, as well as some decent hard ciders and beers. You can donate to the Black Lodge Research directly:
https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=743VSYX72C7G2
https://www.amazon.com/gp/registry/wishlist/3GIXQQ7XSJ3Q1?ref_=cm_sw_r_cp_ep_ws_VlWKBbCSZKFHA
** MORE INFO:
Black Lodge Research:
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
Building A, mid-building, between the coffee roaster and the security company.
Park facing the street, not in front of other businesses, or you may get towed.
Black Lodge Research
Redmond, WA 177Members
Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…
What: October DC206 Meeting, Locksport, and BBQ When: October 21st (3rd Sundays), 11:00am-~4:00pm Where: Black Lodge Research Who: (Dr0m3, Potato, Hattz, Dune, Panic, and the DC206 community)
[We’ve been trying to get a Powershell speaker for a while!]
** 11:00am-1:00pm: LOCKSPORT EVENT:
Dune will be running a Locksport event, starting at 11:00 until 1:00.
** 1:00pm-?: DC206 MEETING PRESENTATION:
Exploring PowerShell
by Dr0m3 and Potato
This presentation explores the history of PowerShell and its evolution into an OS agnostic scripting tool. Focusing on its use in enterprise computing for Windows OS, we will also be exploring current implementations for Unix-based systems.
We will go over the basics to understand the modules under the hood, creation of modules and cmdlets (regardless of the OS), and modern implementations for DevOps and Red Teaming.
Michael (Dr0m3) and Stephen (Potato)
Pending permission of the second speaker, this event will be videotaped by Panic. During event, remote users can interactively ask questions to speaker. You’ll need to sign in to Google Chat on the below Youtube URL. If you cannot attend, here’s the URL for the live streaming (and afterward, a copy of the video):
The BBQ starts after the presentation ends. This month the chef will be Hattz. We’re planning hamburgers and some brats. We’d welcome some additional dishes, as well as some decent hard ciders and beers. You can donate to the Black Lodge Research directly:
Black Lodge Research:
17725 NE 65th St, A-155; Evans Business Park, Bldg A; Redmond, WA 98052
Building A, mid-building, between the coffee roaster and the security company.
Park facing the street, not in front of other businesses, or you may get towed.
Black Lodge Research
Redmond, WA 171Members
Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…
What: September DC206 Meeting, Locksport, and BBQ When: September 16th (3rd Sundays), 11:00am-~4:00pm Where: Black Lodge Research Who: (Hattz, Dune, Spooney, Panic, and the DC206 community)
Locksport begins at 11:00a; DC206 Meeting presentation begins at 1:00pm; BBQ begins when the presentation is done.
** LOCKSPORT EVENT:
Dune will be running a Locksport event, starting at 11:00 until 1:00.
** DC206 MEETING PRESENTATION:
Cloud Forensics
by Hattz
Abstract:
This presentation introduces onsite and cloud based forensic tools, focusing on windows boxes, it includes tips and tricks to make Linux forensics painless as well.
I’ll go over tools and techniques to do an onsite forensic investigation, focusing on free and open source tools. I’ll go through basics of Azure and Amazon cloud forensics, how to get VHDs down, and perform forensics for region locked data. I’ll cover basics of legal concerns as well as evidence preservation.
There will be cursing, Shmoo balls, and drinking for cybers.
Bio:
Hattz does Azure DFIR at Microsoft.
This event will be videotaped by Panic. During event, remote users can interactively ask questions to speaker. You’ll need to sign in to Google Chat on the below Youtube URL. If you cannot attend, here’s the URL for the live streaming (and afterward, a copy of the video):
https://www.youtube.com/watch?v=Aartj02UO6M
** POST-EVENT BBQ:
This month the chef will be Spooney. We’re planning hamburgers and some brats.
Please feel free to bring a side-dish, or some additional meat. The BLR fridge always needs restocking with decent beers and hard ciders. Vegetarians, please bring something you can eat: the salad — and for the most part the fake tofu/etc meats — we’ve brought in recent months has been ignored.
You can donate $12 to help us restock our beverages, using Paypal:
https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=743VSYX72C7G2
You can also buy some supplies, using Amazon Wishlist:
https://www.amazon.com/gp/registry/wishlist/3GIXQQ7XSJ3Q1?ref_=cm_sw_r_cp_ep_ws_VlWKBbCSZKFHA
** MORE INFO:
Black Lodge Research:
17725 NE 65th St, A-155
Evans Business Park, Bldg A
Redmond, WA 98052
Building A, mid-building, between the coffee roaster and the security
company.
Park facing the street, not in front of other businesses, or you may get
towed.
Black Lodge Research
Redmond, WA 154Members
Anyone interested in Information Security should checkout Black Lodge Research. Members can attend talks each month on a variety of topics and skill levels. Every Thursday BLR…
