2018 November 7th Chapter Meeting
You are invited to The ISSA New England Chapter's 2018 Annual Meeting for a day packed with well-known
practitioners in the field of Information Security as well as networking with your peers.
Attendees will earn 4 CPEs
Where: O’Neil Cinemas, 1208 Constitution Ave, Littleton, MA 01460
When: Wednesday November 7th, 2018
AGENDA:
10:00 – 10:45 am Offensive & Defensive Open-source Intelligence (OSINT) by Roy Wattanasin
10:50 – 11:30 am Account Takeover & Credential Stuffing: What’s Yours is Mine by David Shear
11:30 am – 12:30 pm Board announcements and lunch
12:30 – 1:10 pm Rapidly Changing Data Protection Landscape by Bill Brunt
1:15 – 2:00 pm Security Issues on TOR by Shukong Ou
SPEAKER BIOs
Roy Wattanasin is a healthcare information security professional and faculty member of over 10 years.
He has experience in many industries and has lots of international work experience. He is a former
security officer of a medical, healthcare center for many years. Roy spends most of his time developing
information security programs, teaching students, performing incident response and helping to build the
local communities. Roy is a longtime ISSA member, OWASP Boston board member and a
member/contributor to many groups. He has presented at many conferences such as Defcon Groups,
HOPE, Derbycon, BSides conferences, ISSA, ISACA, Secureworld, OWASP, BASC and Infosec World.
Open source intelligence (OSINT) is the use and analysis of publicly available data for intelligence purposes. OSINT tools
are used in the reconnaissance phase to gather as much information about the target(s) as possible, and OSINT
can be used for effective target discovery as well as in other stages. The first half of the talk will focus on
offensive OSINT (ways to get information) and the second half will focus on defensive OSINT
(ways to protect yourself or reduce your footprint online). A hands-on tools demo will be given,
time permitting. This presentation will give an in-depth overview of some of the different
tools that are available (combined into this one talk for your reference, review and sharing needs).
Bring your questions and comments, as we will have an open discussion about some of your favorite
tools.
David Shear is an Analyst at Flashpoint who researches cybercrime communities, actors, and threats
originating primarily from North and South America. A Deep & Dark Web subject matter expert, he
specializes in analyzing threat actors’ tactics, engagement, and targeting patterns to help organizations
across multiple industries address and mitigate cyber threats. Prior to Flashpoint, David served as a
Systems Administrator for SecureWorks’s Networks Operations Center before joining the Counter
Threat Unit within the company’s Surveillance Division. His research on threat intelligence and
information security has been featured in numerous publications including Ars Technica, Dark Reading,
SecurityWeek, SC Magazine, and Wired, among others.
Account takeover (ATO) attacks use previously compromised credential pairs to automate login
attempts. Also known as “identity testing” or “credential stuffing”, these attacks use data that may have
been procured from paste sites like Pastebin, or directly by the attackers themselves in previous
operations. With the wide range of available attack tools and stolen credentials available within the
Deep and Dark Web, account takeover is on the rise, and actors of all sophistication levels can start their
own ATO campaign. This presentation will cover: what Account Takeover (ATO) is, the different methods
of ATO, an overview of the threat actors associated with these types of attacks, and a demo of a credential stuffing
attack from both the attacker and defender sides.
Bill Brunt is a solution architect for TITUS, the world’s leading provider of classification and protection
solutions. Bill has travelled the world over, providing services which have helped the largest commercial
enterprises as well as the most sensitive parts of government in their pursuit of diligent data handling
techniques.
Bill has approached the Data Protection challenge from many angles, as a CIO, Product
Manager, Solution Architect, and Manager of Enterprise Data Services for a Global F25 Company.
Now, more than ever, there is an expectation for organizations to holistically manage an individual’s
data: not just protect it but actually manage it. Essentially, we are seeing the emergence of data rights. This
presentation will review key concepts in the regulatory landscape, including the right to be forgotten, disclosure of data
held, retention periods and more. It will also cover specific techniques for managing other kinds of data,
such as data subject to sensitivity drift, and related concepts. Takeaways include an understanding of the regulatory
trends, best practices for data handling/governance for unstructured data, and protection of existing and
future investments in the security eco-system.
Shukong Ou has worked for AT&T's Chief Security Office for 18 years, and in the computer and
engineering departments of Stone&Webster for 19 years before that. He has had an interest in
communications and security for a few decades and loves to do things hands-on. He has a five-digit
CISSP number.
Today he will talk about what TOR (aka the Dark Web) is, some security uses for TOR and some
suggestions of what network owners should do about it. We will also take a digression to talk about
what privacy means to you.
Presentations below: