October’s MiSec meeting will be on Thursday, October 11th, at 7 pm. Jack Crook is presenting a talk on forensics. Bring your own computer to follow along as Jack takes us into the details.

Abstract. Everyone has heard of targeted attacks. Detecting these can be challenging, responding to these can be even more challenging. This presentation will walk the participants through responding to this type of attack. By analyzing key points such as file times, memory and network traffic we will be able to answer the what, where, when and how of this compromised host. A Live image with all the tools and evidence files will be provided. The only thing you need to bring is a computer and some l337 S4uc3!

Bio. Jack Crook has been in the information security field for the past 12 years. He currently works as an Incident Handler performing incident response for one of the worlds largest companies. When Jack is not catching bad guys, he enjoys thinking of additional ways to catch bad guys.

For details and location, please either contact us through email (info@michsec.org) or log into our IRC channel (Freenode/#MiSec). This month’s meeting will also be streamed via Gotomeeting, Meeting ID: 557-536-470, Meeting Password: misec.

A sneak peak at what is to come:

  • In November, Keith Dixon (@Tazdrumm3r) is presenting on honeypots
  • OWASP Detroit returns in December with Kevin Poniatowski covering SDLC
  • In January, Raymond Lilly (@37point2) is presenting Intel Analysis – Twitter, Python, Data Mining
  • Rapid7 presents on March 2013