ISSA Chapter Meeting 6 February 2024:
Opening remarks: Lot of visitors, great turnout!
Meeting last month was cyber range workshop, lots of fun hope to do again.
Meeting is hybrid (In-person at ECPI, on zoom virtually)
questions can raise hand or use zoom chat, someone is monitoring
After the meeting, please give us feedback: what did you like? What could we improve?
Agenda: Welcome/Membership/Education/Presentation/Business meeting/Feedback/Adjourn
ISSA-HR Professional Association Benefits: Build professional relationships, stay current on developments in areas of information security/risk/privacy, professional development, education opportunities, Earn CPE/CEU continuing education credits, learn practical and best practice solutions, career information and employment opportunities
Whether you’re a pre-professional, entry-level, mid-career, senior practitioner or security leader, ISSA offers strategic resources and guidance to successive career levels.
Membership Annual Cost: Professional $95, Student 30, (Chapter Dues $30) Professional = $125 total, Student = $60
New Members: Please welcome: had a good amount of joining folks! Norman is here! Desmond is here! Julian is here, welcome!
Thank you for joining! Desmond is helping to kick off a mentorship program, that’s what’s cool you can find any way to contribute to ISSA and be involved!
we all have lives, but if it’s something you’re passionate about, ISSA can assist in those aspirations –Charles
Welcome new members and visitors!
Education: resources on website, we are passionate about what resources are out there!
Goals: Provide educational resources, mentorship opportunities, team building/collaboration, hands-on industry tool familiarization, certification tracking/pipeline:
Free certification and Training: NextGen Cybertalent is a non-profit organization aiming to boost diversity in cybersecurity. They focus on educating underprivileged and underserved individuals, providing them with professional development and opportunities in cybersecurity. They offer training, experiential learning, internships, and employment opportunities. They partner with various entities like tech companies, enterprises, and universities to support their mission. They also run special programs for women returning to work and an innovation studio for startup ideas and product prototyping. In essence, their goal is to enrich the cybersecurity field with diverse talent through education and opportunity. https://www.nextgencybertalent.com/
Reading List: Blog of the Month: FBI director warns Chinese hackers aim to ‘wreak havoc’ on U.S. critical infrastructure: (Volt Typhoon)
“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike,” said excerpts of Wray’s prepared testimony released by the FBI. Wray also argued that “there has been far too little public focus” on Chinese hackers’ targeting critical infrastructure in the U.S., such as water treatment plants, electrical grids, oil and natural gas pipelines and transportation systems, according to the prepared remarks. “And the risk that poses to every American requires our attention — now,” his prepared testimony said. “The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation and water sectors — steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous,” Wray said in his testimony. The majority of the routers affected by the hackers were vulnerable because they had reached “end of life” status and could no longer be supported by their manufacturers’ security patches or other software updates, the Justice Department statement said. The court-authorized operation deleted the malware from the routers and took additional steps to sever their connections with the botnet.
*NEW: ISSA Mentorship program:
Mentorship chair: Desmond Graham:
Desmond: Goal is to being people invested in the industry with newcomers in an effort to bridge the gap to help them understand what they want to do.
Want to reach out to local organizations to get mentors onboard to help the upcoming generations of cyber professionals.
Calling for volunteers on the Mentorship Program committee/Call for mentors
To obtain a mentor in a match making fashion:
Mentorship Mixers: learn about how to get into cybersecurity with NO previous background or experience. Meet and learn from cybersecurity SME (subject matter experts) mentors. Network with hiring managers and the cybersecurity ecosystem.
Hoping to have up and running in by June, want to reach out to universities, Hampton, Newport News, Norfolk, 2-3 times a year as an in-person type of event.
*NEW Social Media Resources:
Zeffy is now used for event registrations, we sent an email out if you are signed up for those
with Eventbrite, we were limited a certain number of sign-ups
Discord (QR below), can use QR code, link or search “ISSA-HR” (https://discord.com/invite/Jt3m7TWQzQ
LinkedIn:
Click the QR code (Above), link or search for “Information Systems Security Association – Hampton Roads Chapter” https://www.linkedin.com/company/information-systems-security-association-issa-hampton-roads-chapter/
Meeting recap available on website: https://issa-hr.org/category/meeting-minutes/
Chapter Meetings and Social Events:
6 February: Kenn Jensen: Understanding the Essence of OSINT: A Strategic Guide for Uncovering Insights When Looking For Your Dream Home
5 March: Barbara Cosgriff, Evan met at DefCon, prodsecteam.com (Topic TBD)
2 April: Len Gonzales, Ally Cyber Investigations LLC: Real World OSINT Applications
7 May: Alex Reid, NRT Tool Developer: Overview of recent tool developments, he got Navy COMs (as a civilian!) goes to show the weight of his contributions
Looking for speakers for 2024 and in-house back-up speaker: please reach out to Evan Larsen (see email list at bottom) if interested or have a purpose speaker. Want to do another cyber range in perhaps August.
Jon B: about once a year, the FBI does like to come out, to talk counter espionage, and the like. It’s great! Roops has been in contact with a someone since 2016, who made the news with one of their busts! FBI is current and informative; Evan will consider reaching out. Evan Larsen (on LinkedIn) is happy to hear about organizations that may want to do stuff with ISSA!
Cyber Social: Feb 28th, it’s a great casual event, no expectations, great place to network. Definitely a good time. You can sign up for emails to stay in the know about these events!
After-Meeting Networking Happy Hour: After ISSA meeting at plaza Degollado.
Jobs: Have a job/Need a job: ISSA has a job search page http://iz1.me/XJU31zUSeBV
Government Jobs: USAJOBS.gov: Government job resource: federal resume Guidebook by Kathryn Troutman
Need a Job: If you’re looking for work, now’s your chance to let us know! Let us hear your elevator pitch: an Introduction, summary of what you do: current role and why you are doing well there, relevant experience, Explain your value/what problem you can solve, and a Call to action for what you’d want to do next.
Optionally, for an extra 30 seconds you can add other details such as clearance status, remote, on-site or relocation preference, additional education/certs not already mentioned, and other short details. We can post your email in the chat if you want, we will ensure it gets to the right people.
For those getting out of the military, Skillbridge is a great resource, ask about Skillbridge—you’ve got to do it about a year out from your retirement/EAOS.
Justin: got his DD214—looking to get into commercial sector—wants to take break from government. Intelligence background, has seen gambit of helpdesk through sysadmin through a few different security specialties. Wants to look into vuln management
Have a Job:
Job title/Company/Type (Contractor, Government, Private sector, Internship, Full time, Part time)/Requirements (Years work experience, Education, Certs, Clearance)/Desired experience, qualifications and any other information desired (keep it short)
Johnnie: NMCI (SAIC) is hiring! One of few companies that will sponsor clearance, three of months or so you will understand ecosystem of NMCI—have history of successful referrals—great start in service desk! John B speaks highly of this gig.
Monthly Presentation: Understanding the Essence of OSINT: A Strategic Guide for Uncovering Insights When Looking for Your Dream Home
Speaker: Kenn Jensen: Over 30 years professional experience in the IT domain, Ken’s background spans programming, database/web development, call center technology and consulting, emergency services management solutions, automation as well as enterprise security web filtering and enterprise network discovery and monitoring. Senior infrastructure engineer by day, OSINT for good by night (side gig as a coach)
will hand it over to Kenn!
works for Sentara but does NOT represent them in this presentation.
Disclaimer: Ken does not represent current or past employers, all statements, comments, questions, views and dumb jokes in this presentation belong solely to Kenn
Kenn: “when it comes to OSINT you are enabled to ‘cancel’ people—don’t be evil.”
Whoami: Kenneth Jensen, 43 years of IT experience, 30 of those professionally. Been doing OSINT for 10+ years. Senior Judge/Coach for TraceLabs. Senior Infrastructure Engineer by day, “OSINT for good” by night.
Kenn: “TraceLabs helps law enforcement help find missing people.
Contents: 1. What is OSINT
2. OSINT basics
3.setup your OSINT for your new home
4. Find the sources
5. Next steps
What does OSINT Mean to you?
Kenn: can apply to most anything to include home buying, job search, etc”
What is OSINT?: 1. OSINT is an umbrella term:
2.SOCMINT – Social Media: X, FB, IG
3.GEOINT – Geo-spatial: Satellite, Aerial, GIS
4.MEDINT – Media: Newspapers, Radio, Television
5. FININT – Financial: IRS, Stock Market
6. CYBINT – Cyber: Threat hunting
7. TECHINT – Technical: Tech Manuals, Research Papers
8. AOSINT – Analogue: Touching Grass
”Having a list of questions and finding the open source data (OSD) which can help answer those questions.”
OSINT basics: 1. Ask the right questions
2. Start off with broader questions then be more detailed.
3. Pivot
4. Assemble a list of OSD
5. Alternate personality accounts, aka sock puppet, not always needed.
6. Pure OSD –Free on interwebs, no login
7. Grey OSD – Free, requires login
8. Dark OSD – Paid or requires special access
Kenn: ”Will have millions of pages in google, come of with important-to-you questions; assemble list of open source data repos free on interwebs, pure OSD has no logon./Grey OSD/DarkOSD (PI level, which varies state by state”
If you can Google: you can do OSINT—google dorks help you a lot—there’s a whole list of them:
i.e
1. Site:linkedin.com – only searches linkedin.com
2. Filetype:pdf – only searches inside PDF files
3. Inurl:/view/index.shtml – webcams not password protected
4. Intitle:directory – only searches in the web page file
5. Intext:name – only searches the text
You can combine them too site:linkedin.com intext:john filetype:log as an example:
What have you OSINTed lately?—
1. OSINT isn’t just about creeping or stalking
2. What questions did you want answered when: Bought your last phone? Bought your last car? Bought your last appliance? New prospective employer? Looked for information about an event?
“You can use OSINT for pretty much anything. Don’t just look a social media, i.e if you find out your company is gearing toward AI you can research prompt engineering—can look up presidents of organizations, LOL (yes, if you want to creep on them like that)
think consciously about the questions you are trying to answer.
If looking for a job, you can use job titles with Google dorks and can pull masses of job titles,
finding out who you may wind up in contact with on your search can benefit. “
Setup your house hunt:
1. Standard relators or specialized relators
2. School district information
3. Previous sale prices/ transaction history
4. Nearby amenities: parks, shopping, dining
5. Local transportation
6.Property boundaries
7. FEMA Flood Zones
8. Building permits and renovation history
9. Powerlines
“Everyone has needs and preferences, schools for those with kids, realtor types, house information from redfin, can observe details such as home price trends, Transportation, uber availability, bus routes, property boundaries: Google Earth and township website might be good resources, FEMA Floods zones for flood insurance purposes, building permits/renovation history may be online or at township, powerlines can be bothersome by their magnetic field for those sensitive.”
1. Neighborhood: crime, SA offenders, partiers, HOA & EPA
2. Historical weather patterns
3. Traffic Patterns, evacuation routes
4. Community Events, master plan
5. News outlets
6.Location History, what was previously on the land
7. Fire department calls, station & hydrant proximity
8. Walkable scores
9. Hospitals
“There are websites to look into crimes, familywatch.us is a SA resources site. DON’T DO EVIL—no vigilantism. Can also find info on HOA/EPA deals (that come out of HOA members’ pocket). Can also look into weather patterns, traffic patterns, VDOT, evacuation routes. If you travel to work you can see VDOT cameras and see what the live traffic is like. Plans such as Subsidized housing can affect home values. News outlets, Location history (Google earth), Fire department and hydrant proximities; insurance companies take this into account. Culdesacs usually do not have hydrants, they are normally placed at the beginning of the culdesac, with two conjoined pipes, which can wreak havoc on engine water supplies.
Another thing to look for is aluminum wiring, which requires attention to oxidization, you can quite easily start a fire. If you’re interested, you can find out how many gallons there are in a given hydrant lines. If you find you had a fire in the kitchen area, see a brand new kitchen, but its being sold two months after the fire? Home inspectors can help find this kind of information, pay extra attention to the kitchen area, what supports look like.
Walk scores of the locale, if you live in a community of houses, suburb, apartment, walkability scores can tell you how close things are in walking range.
Community hospitals, level 2 trauma centers, level 1 trauma centers, with the difference being level 2 could not handle burns or children. Level 1 takes everybody except if it’s Only a burn. They take you to a burn center. May want to know the proximities of these three types of hospitals.”
What else would be important?:
What other information would be important to you? What did you find out AFTER you bought your own house?
“Aluminum wiring and Quest piping are huge ones, maybe even asbestos.
BBB/Township/Neighbors can provide valuable info.”
Next steps: 1. OSINT yourself
2.OSINT family or friends WITH PERMISSION
3. OSINT your employer’s business
4. Set Google news alerts
5. Assemble a good library of links to OSD
6. Understand OSD repositories will come and go
“OSINT YOURSELF, find out what you can find out about yourself, who has tagged you in stuff on social media? OSINT fam and friends with PERMISSION
Sites like Spokeo or thatsthem can perform cursory searches but be warned it can get WEIRD.
Google news: type your name and search, can get RSS or email. (RSS seems not to work at time of writing) between Google search put slash RSS /RSS to try and get feeds.
Assemble library of OSINT (OSD), resources change all the time.”
Links:
Hampton Roads Flood Zones:
https://www.vaemergency.gov/know-your-zone
Previous Sale Prices:
https://www.redfin.com
Walking Scores:
https://www.walkscore.com
Powerlines:
https://www.americangeosciences.org/critical-issues/maps/us-energy-mapping-system
https://resiliance.climate.gov/datasets/d4090758322c4d32a4cd002ffaa0aa12/explore
SA Offender registry:
https://www.familywatchdog.us/search.asp
Location history: Aerial Views:
https://www.historicaerials.com/viewer
Newspapers:
https://m.onlinenewspapers.com/index-usa.shtml
OSINT Directories:
site:start.me osint
https://www.osinttechniques.com/osint-tools.html
Questions?
Q: What do you use in your day to day? A: https://search.brave.com is great resource, blows DuckDuckGo out of the water.
Q: How do you feel about info from BeenVerified? A:don’t rely on one source. Go for 2 or 4 to compare data is the recommendation. Some stuff may be old.
Q: Any one off sites for job hunting other than the normal? A: Nah, –if you’re doing redteaming, look at jobs board on target site, what they’re hiring, what skills they’re looking for.
“Google takeout you can download everything google has on you.”
Thanks Kenn!
Business Meeting:
Old business/New business (Mentorship program, Conference Participation)/Secretary Meeting Minutes/Membership Updates/Treasury Report/Social media Updates
Conferences:
Cyberforge: TCC, Feb 10-11, Registration closed as of<>: https://cyberforge.cvcsa-cyber.org/
First day they do more low key stuff and second day they do the CTF/other activites.
Trellix Cybersecurity Summit 2024: Virtual/Ritz-Carlton, Washington D.C., Feb 27, $0-195: https://cybersecuritysummit.upgather.com/
SANS OpenSource OSINT summit: Virtual, Feb29-March 1, $0 https://www.sans.org/cyber-security-training-events/osint-summit-2024/
ShmooCon 2024: Washington D.C. January 14th > $N/A https://www.shmoocon.org/ –while this already happened for 2024, The organization says next year is the last year—this past round sold out in 22 SECONDS. Hackers love it.
2024 Shmoocon: (Internet Archive) https://archive.org/details/shmoocon2024
Mid-Atlantic Cybersecurity Conference (MACC): Prince George’s Community College, Largo MD, March 29-April 2, $100/350/900: https://nationalcyberwatchcenter.wildapricot.org/event-5109121
WiCyS 2024 Charlotte NC, April 25-26: $40/700/850 https://www.wicys.org/
Looking for conferences to have a table! If you see any definitely let us know—want to be able to rotate four to head these conferences. Remember we are NOT a company, we are a nonprofit, real estate is expensive at some of these events.
Old Business:
Christmas Party Three Notch’d Brewery & Craft Kitchen—in the future may be a potluck type thing, unless we find a way to fund this organization, we are on a decline after the CISSP study group demand lowered, as the cybersecurity “gold standard” lowered.
CISSP was $250, ran 8-12 students through that course. The holiday party is a good time, could always put a pool forward.
*Special Event* Cyber Range Live Fire Attack Simulation Workshop https://www.cyberbit.com/pla tform/cyber-range/
Sponsored by Cyberbit, hosted by: James Lawrence Day time event Noon-5PM. Food provided, 4.5 CPEs. –it was great, started at noon ended around 5:30, some pre-training and broke up into groups, with normal computers, DMZs, network and vuln scanners, Splunk to look for abnormal activity attempting to discern types of attacks. Our group ACTUALLY finished the course! The active environment was interesting. The vendor sells their product only to businesses and has a wide variety of training uses. Thank you Evan to helping organize that event. Jon believed the type was too small in the presentation, couldn’t read anything on the slides. Felt designed for a much, much wider format. Maybe a hint for the developers. The game was actually pretty good!
in the future the slot will be set up further out and involve a bit of pre-training to prepare for the actual event. Lessons learned: prior team organization and delegation can be more focused.
Social Event – Casual Pint, Jan 31—least week, had a good turnout as usual, good time. Closed the place as always
New chapter email addresses / updated—we can polish these and work on website updates.
New Business:
ISSA Mentorship Program: POC Desmond Graham
Volunteer Events: What would members like to participate in? Who can volunteer to lead?—kicking off a new year aways looking for events and volunteers. Science fair? Has always been good. Bunch of kids do their project, look for the IT cyber ones, give awards, really nice to be engaged with the community. Finances fell off from COVID, science fair volunteer events were big before that. The kids are amazing! We have also had recycling events, and are always inviting new ideas and pitches!
Definitely join the Discord! (see QR above)
ISSA Sponsorship/Funding committee
2024 Chapter Goals
Mentorship program:–don’t really have too much to add, just let (Desmond) know to get contact info to help contribute to this grassroots effort—blast on social media. Let know too if you’d like to volunteer as a mentor. John Bos is also willing to volunteer his office space in Norfolk.
Had conversation with ISSA Colorado Springs and got a lot of info about how they run their chapter.
Chapter Goals: We need your input! -Check your email in the next few weeks, will be sending out ask for suggestions
Income and Sponsorship Committee: We need sponsorship/sponsorship team lead/supporting team members: We would seek sponsorship for our meetings or other activities. We would like to put together a sponsorship committee—sponsorship is a means of income, a package potential sponsors could review and select a level of sponsorship—anyone who would like to lead a sponsorship committee—ISSA Year-End Balances from 2018 are on a decline of upwards of 5K, need to get this back up.
Income and Sponsorship Committee: We need sponsorship/sponsorship team lead/supporting team members: We would seek sponsorship for our meetings or other activities. We would like to put together a sponsorship committee—sponsorship is a means of income, a package potential sponsors could review and select a level of sponsorship—anyone who would like to lead a sponsorship committee—ISSA Year-End Balances from 2018 are on a decline of upwards of 5K, need to get this back up.
Membership Update:
Number of members: 50/ New since last meeting: Members 9/Visitors 12
November 14 Meeting Minutes
Treasurer Report:
Balance: $4256.97, Been getting hit with bank of America fees for being under 5k.
2024 Events Calendar: Green is Monthly Chapter meetings, months in red have been delayed a week, Blue is cyber social. Goal is to have this calendar posted on social media. This will enable people to plan earlier. ***
This year is an election year for ISSA leaders. November will have to be moved.
Social Media: **Facebook is more than 2.
New email addresses: These forward to our personal emails:
Will now adjourn to Plaza Dellogado
Please give us feedback!: What did you like? Recommendations for future meetings? What could make your experience better?
Send your feedback to President@ISSA-HR.org:
Last remarks:
DYK you can use Google Bard to watch and summarize Youtube!
all major platforms seem to now have an AI implementation, can invoke @meta.ai (even in chats!) can generate images @meta.ai/imagine, start conversation, menagerie of personalities,
corps have their own as to not let proprietary info get out
Thank you for coming out!
You must be logged in to post a comment.