When:
Thursday, January 28th, 6:45 – 8:00 PM
Where: Virtual
See confirmation email for information about the Zoom meeting.
If you did not receive a confirmation, please email communications @ triadnc.issa.org
Cost: Free
If you know of any other security professionals that may be interested in attending, please forward this invite on to them and copy us on your correspondence.
Agenda:
Chapter business (6:45 pm – 7:00 pm)
Presentation (7:00 pm – 8:00 pm)
Topic:
Tales from the Trench
This talk covers a few of my favorite stories from the past year and will demonstrate different ways that I managed to “own” an organization during a pentest engagement. Stories include:
No MFA? Thanks!
This story discusses how I obtained domain admin access as an external attacker, teaching some key lessons along the way.
IPv6 FTW!
This story discusses how IPv6 can be abused in internal networks and easily allow for complete domain compromise.
You Spent How Much on Security?
This story discusses how I obtained domain controller access on an organization that was doing *almost* everything right and spending a lot of money to do so.
Digging Deep
This story discusses how I managed to take down an internal network when no apparent exploit existed.
Presenter:
Heath Adams (aka The Cyber Mentor) is the CEO and founder of TCM Security
Outside of TCM Security, Heath is an online cybersecurity instructor on platforms such as Udemy, YouTube, and Twitch, teaching his students penetration testing methods and tactics. Heath is also a military veteran, having served in the US Army Reserves, and helped co-found VetSec, a 501c3 dedicated to military members in cybersecurity. When Heath is not at work, he enjoys spending time with his wife, Amber, and their five animal “children.” He is an avid runner, musician, trivia nerd, and sports fan.
Register for this month’s meeting at https://triadnc-issa-2021-01.eventbrite.com.
Organizer:
ISSA Triad of NC
The Information Systems Security Association is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.
The Triad of NC chapter provides a local resource for information security professionals to get together, learn new things, and develop relationships with others in the industry. If you are involved in information security, full or part time, or are simply interested in the subject, this organization is a great way to learn and grow.
The Triad of NC chapter meets the 4th Thursday of each month January – October and the 2nd Thursday in November and December. Meeting venues are generally rotated monthly between ECPI in Greensboro and Forsyth Technical Community College in Winston-Salem.