August 28, 2010


      Register Now! 2010 Information Security Summit October 11-15th

Don’t get left out, register today for the 2010 Information Security Summit!

The 8th Annual Information Security Summit will be held on October 14-15 at Corporate College East, Cleveland Ohio with pre-conference training opportunities held October 11-13. Listed below are just some of the activities and sessions you can experience at this year’s event:

Pre-conference training classes include: Social Networks, Malware Analysis, Email Authentication, COBIT(r) Exam Prep, White Collar Forensics & the Investigation Process, Websense Web Security, Linux Security, Ethical Hacking, IT Risk Assessment, Building Effective Security Awareness, Defending Against Social Engineering and Next Generation Firewall Training.

Our Keynotes include two panel discussions and a general session. Our panel discussions will cover forensics and privacy. Our general session will focus on identifying the evil insider and protecting against IP theft.

Our Session topics include an Introduction to GRC, Privacy & Regulations, Social Networks, Hacking Techniques, E-discovery, Computer Forensics, Security Awareness, Securing the Cloud, Risk Assessment, High Security Locks, Securing VMs, Network Security, Web Application Security, Security Assessment Practices, Honeypots, case studies, and much, much more.

By registering for the conference you will be able to attend our Thursday evening networking reception. This reception provides you an opportunity to get reacquainted with some old friends and business associates, as well as make new business contacts.

The Information Security Summit is a registered non-profit organization run by volunteers with a mission to bring quality, cost-effective training to Northeast Ohio. Visit our website at www.informationsecuritysummit.org for event details and registration information.



del.icio.us|Digg|Furl|ma.gnolia|RawSugar|reddit|Spurl|Google|StumbleUpon



August 16, 2010


      August 18th NEOISF Meeting Announcement

Our next meeting is this WEDNESDAY August 18, 2010. Pizza and networking start at 6:00 PM. Talks start at 6:30 PM. Location: Park Center Plaza #1, 6100 Oak Tree Blvd, off Rockside Road, Independence, Ohio. Click here for a Google Map! Open to everyone and free as always! Here are the list of talks and agenda items for this months meeting:

Overview of The Next HOPE Conference – Jody McCluggage
The HOPE (Hackers on Planet Earth) conference is a biennial conference held in New York City and sponsored by 2600. A high level overview will be given of the events, presentations, and politics at the most recent conference.

Return of the Social Zombies – Tom Eston
Tom Eston, the only survivor of the zombie apocalypse that took place at Shmoocon this year, examines the risks of social networks and discusses techniques and tools that can be used to exploit these issues. This presentation begins by discussing new twists on existing privacy concerns that are caused by the trust mass that is social networks. This privacy confusion is used to exploit members and their companies during penetration tests. The presentation then discusses social network botnets and bot programs. Both the delivery of malware through social networks and the use of these social networks as command and control channels will be examined. Tom then explores the use of browser-based bots and their delivery through custom social network applications and shows new social network applications can be used for malware delivery. Finally, the information available through the social network APIs is explored using third-party applications designed for penetration testing. This allows for complete coverage of the targets and their information.

Speaker Bios:

Jody McCluggage (CISSP, CCNA, CEH, MCTS, CHP, Network+) – Director of Operations and Compliance at a local government agency.

Tom Eston is a Senior Security Consultant for SecureState. Tom has previously served in many security roles for large enterprises including leading a penetration testing team for a Fortune 500 financial institution. Tom is actively involved in the security community and focuses his research on the security of social media. He is the founder of SocialMediaSecurity.com which is an open source community dedicated to exposing the insecurities of social media. Tom is also a security blogger, co-host of the Security Justice and Social Media Security podcasts and is a frequent speaker at security user groups and national security conferences including Defcon, Shmoocon, OWASP AppSec and Notacon.



del.icio.us|Digg|Furl|ma.gnolia|RawSugar|reddit|Spurl|Google|StumbleUpon



July 21, 2010


      July 21st NEOISF Meeting Announcement

Our next meeting is this WEDNESDAY July 21, 2010. Pizza and networking start at 6:00 PM. Talks start at 6:30 PM. Location: Park Center Plaza #1, 6100 Oak Tree Blvd, off Rockside Road, Independence, Ohio. Click here for a Google Map! Open to everyone and free as always! Here are the list of talks and agenda items for this months meeting

Cradle to Grave Part 2 – FBI Special Agent Ryan MacFarlane
This is the continuation of last months talk in which Ryan will walk us through a forensic analysis and incident response of compromised systems using SIFT 2.0. Last month Dave Kennedy showed a demonstration of systems being exploited with Metasploit Express.

Overview of the REcon Security Conference – Tyler Hudak
Tyler gives a review of the REcon Security Conference that he recently attended. REcon is a conference focused on reverse engineering and is held in Montreal Canada.

Speaker Bios

FBI Special Agent Ryan MacFarlane, Cleveland Office, has spent the last six years investigating numerous criminal intrusions. With over 8 years of Internet security experience, previous work experience includes positions at IBM, i2 Technologies, Georgia Tech, and as a co-founder of an Internet security start-up in 2004.

Tyler Hudak is an Incident Handler for General Electric, specializing in malware analysis and reverse engineering. Prior to joining GE, Tyler worked for a number of corporations performing intrusion detection, incident response, forensics and, of course, malware analysis. He has presented at a number of local and national conferences, is on the board of the Northeast Ohio Information Security Forum and maintains a blog at http://secshoggoth.blogspot.com.



del.icio.us|Digg|Furl|ma.gnolia|RawSugar|reddit|Spurl|Google|StumbleUpon



June 16, 2010


      June 16th NEOISF Meeting Announcement

Our next meeting is this WEDNESDAY June 16, 2010.  Pizza and networking start at 6:00 PM.  Talks start at 6:30 PM.  Location: Park Center Plaza #1, 6100 Oak Tree Blvd, off Rockside Road, Independence, Ohio.  Click here for a Google Map! Open to everyone and free as always!  Here are the list of talks and agenda items for this months meeting:

Whose Afraid of the Big Bad Wolf: Embracing Audit as a Service
Let’s see if you have a picture in your head of auditors. Do see you them, sitting there in the darkness, with a maniacal look on their faces. They pour over your documentation and configuration files just hoping to find the red meat. If there is anything juicy they will find it and feed off it at your expense. Is this the image you have of auditors? Perhaps you were burned during an audit, or just didn’t have a very good experience at the auditor’s hands. With a bit of explanation, your next audit doesn’t have to be so stressful and adversarial. Maybe, just maybe, you can walk away with some value to help improve what you do that you hadn’t thought of before.

Starting from the beginning, we will walk through why IT auditors exist and what role they play in the organizations risk management process. Since we all can relate to risk, maybe we can find the common ground and start to derive value from what auditors provide. Given the right amount of attention and care, organizations can ultimately benefit from IT and Audit working together. Plus you will sleep better at night knowing the bogeyman is just a myth.

Speaker Bio
Jeff Kirsch is an IT auditor by day and ghostnomad, an infosec geek alter ego, every chance he can get. Always trying to learn new things drives him to find better ways to help others learn about technology. His passion for technology also drives him to help those in technology understand auditors and the audit process.

Part 1: Metasploit Express – Dave Kennedy
Metasploit Express was newly released by Rapid7 and is a web-based exploitation suite built on top of the Metasploit Framework. During this presentation we will be discussing how this tool can be incorporated into your daily use within vulnerability management and penetration testing within your organization and how this tool can revolutionize how you currently perform your own testing. Metasploit Express is now one of my favorite toolset’s to utilize and after this talk, it may be yours too.

Part 2: Cradle to Grave – FBI Special Agent Ryan MacFarlane
Following an attack run from Metasploit Express through incident response and forensic analysis using SIFT 2.0.

Speaker Bios
Dave Kennedy is a security expert that has over ten years of experience in the Information Security arena. He has presented at several large conferences including BlackHat, DefCon, ShmooCon, Information Security Summit, InfoSecWorld, and other well known speaking engagements. David is the author of the Social-Engineer Toolkit, a well known and established attack framework for Social-Engineering. David has published a number of exploits, whitepapers, and contributed to the widely popular Back|Track security distribution and the Metasploit Framework. Currently, David is a director of security for an international Fortune 1000 company located in North Canton, Ohio.

FBI Special Agent Ryan MacFarlane, Cleveland Office, has spent the last six years investigating numerous criminal intrusions.  With over 8 years of Internet security experience, previous work experience includes positions at IBM, i2 Technologies, Georgia Tech, and as a co-founder of an Internet security start-up in 2004.



del.icio.us|Digg|Furl|ma.gnolia|RawSugar|reddit|Spurl|Google|StumbleUpon



« Newer PostsOlder Posts »

Local Security Jobs @ our LinkedIn Group!


Support our Sponsors:


Visit our friends: