July 21, 2015, meetup wrapup - OSSEC in the house!
At this week's meeting we discussed the following news items:
Hacking Team hacked, attackers claim 400GB in dumped data - Steve Ragan - CSO Online
Flash. Must. Die - Brian Barrett - WIRED
OpenSSL patches critical certificate validation vulnerability - Michael Mimoso - Threatpost
And because it came out the same day, we also discussed the fresh news of the Jeep hack.
Hackers remotely kill a jeep on the highway -- with me in it - Andy Greenberg - WIRED
After the news, Robert Wilson gave an excellent talk on OSSEC. He showed us how to both set it up and use it to monitor for abnormal activity. It's really interesting stuff and only requires, as Robert put it, "nerd power" to get it up and running. Here are some links to get started with it:
Daniel Cid's OSSEC architecture presentation
Vic Hargrave's ELK and OSSEC overview (somewhat outdated)
NSA Guidance on spotting the adversary
Thanks again to Robert for stepping up and giving us an excellent presentation for our July meetup. It was very informative and, as always, fun hanging out with other infosec folks.
Our next meetup will be August 18. I will be presenting my Blue Team Starter Kit talk, which I intend to use at BSides Augusta on September 12.