Tuesday, November 19, 2013

No meeting November 20th

No meeting tomorrow couldn't dig up a speaker. We'll be Claddagh Irish Pub instead.  Have a safe and happy holidays see you in January.

Monday, October 21, 2013

October 23 Meeting: TLS decrypting and Linux Backdoor

We have two great talks scheduled:

Your Browser Knows Your Secrets : Decrypting TLS Web Traffic with Wireshark

@sallyvdv presentation will show how some current browsers make it very easy to export cryptographic keys that can be used with Wireshark to decrypt captured TLS network data.

The Linux Backdoor Attempt of 2003

@bradvoth will be discussing what the code inserted did, how to activate it, how the code got into the tree, what it means for developers and organizations; including prevention and detection.

Oh and @jbc22 says there will be pizza this time.  Hope to see you there! 

Thursday, October 10, 2013

Speakers needed

We are in need of presentations for Wednesday October 23 meeting.  If you have an idea please contact @jbc22 or @jsherenco.

Tuesday, August 13, 2013

September meeting - Incident Titan

Join us as Jaron Bradley walks you through "Incident Titan" by demoing the following lessons strictly from a forensic host based analyst standpoint:
o   Pin pointing the attacker’s initial point of entry into company network
o   Analysis of Malware found on hard drive
o   Detecting lateral movement across network
o   Analysis of attacker techniques and methodologies
o   Detecting stolen data off a company network
o   Tracing attacker techniques through memory analysis


Thursday, July 18, 2013

Due to vacations and such we are skipping the August meeting.  Our next meeting will be September 18th.   That's two months to put together a presentation so if you'd like to speak just let us know.

Tuesday, April 2, 2013

Meeting Location

All meetings will be held from 7:00 - 9:00 PM on the 3rd wednesday of every month.  The location will be:

EMU Livonia
38777 W 6 Mile Rd # 400 
Livonia, MI

Saturday, February 23, 2013

Thoughts on first mi4n6 meeting

First I would like to thank everyone who came out to our first meeting.  It was amazing to see all the people that showed up and packed the room we had.  I would also like to thank everyone that helped spread the word about mi4n6.  Whether it was via twitter, work conversations, school, you guys definitely got the word out to the community.

We have had a number of people already show an interest in presenting.  My current method of scheduling these presentations is "person asks -> I say cool -> I try and remember what slot I have open -> I make a mental note -> I forget".  This process does not scale well, so here is what I will ask in the future if you are interested in speaking.

1. Send an email to mi4n6.dfir@gmail.com stating that you would like to give a talk
2. In the email include an abstract of the presentation (so I can post it on this blog)
3. I will confirm by email with the earliest date I have available

I am also asking that if you have any suggestions about how we can better these monthly meetings to please let me know.

There were also a number of people that showed an interest in the challenge I was using as part of my presentation.  If you would like to give it a go, you can find it here: https://docs.google.com/file/d/0B_xsNYzneAhEYjJnNmk3RTJKX3M/edit?usp=sharing

Saturday, February 2, 2013

Change of location for first meeting

FYI:  I will be changing the location of the first mi4n6 meeting.  It will be held at the EMU Livonia campus instead of Ypsilanti.  I'm hoping this will make it easier for people with busy schedules to be able to attend this meeting.

The meeting location will be:

EMU Livonia
38777 W 6 Mile Rd # 400 
Livonia, MI

Friday, January 25, 2013

First Meeting


Our first meeting will be Feb 20, 2013 from 7:00 - 9:00 PM on the campus of EMU and every 3rd Wednesday of the month thereafter. The exact room is still TBD. The topics for these meetings will be anything that is related to Incident Response, host / network forensics or detection.

I would like to keep these meetings flowing so I am proposing the following schedule. This may be adjusted depending on the number of talks scheduled.

7:00 - 7:20 - Meet and greet
7:20 - 8:05 - Presentation 1
8:05 - 8:50 - Presentation 2
8:50 - 9:00 - Closing remarks

The topics of discussion for the first meeting will be:

Brett Cunningham - WIndows memory forensics
Jack Crook - Timeline analysis

I would like for everyone that attends these meetings to also to have the opportunity to present.  If you have ideas and would like to give a talk, please let me know.  I am looking for volunteers to speak at our March meeting and beyond.

If you plan on attending the meeting, please RSVP to mi4n6.dfir@gmail.com so I can plan for the size of the room and how much pizza to order.

I hope to see you there!