Mary Ellen & Friends - Holiday Hack

Join Mary Ellen Kennel and friends for a night of awesome hacking! Never played a CTF before? No problem, we'll help you!

1. Welcome to my FREE HolidayHack/KringleCon CTF event on Tuesday, 12/17/2019 from 6pm ET to 9pm ET. The event will be a drop in, arrive when you want, leave when you need to. Location: Bank of New York Mellon – SIDE Entrance: 88 Murray Street NYC 10007, 10th floor/Large Assembly Room, follow the signage!

2. This event caught the attention of the SANS Institute, and they have GENEROUSLY offered to partner with me. SANS will be providing pizza, and light prizes (think t-shirts). Also, a huge thank-you to Bank of New York Mellon for hosting the event!

3. BRING YOUR LAPTOP - we are short on power strips, so if anyone can bring an extra power strip, please label it and throw it in your backpack! WiFi will be provided. This FREE event will be in the style of a CTF. The idea for the event has always been to secure as big a space as I can, so that we can all play the SANS HolidayHack/KringleCon Challenge together. If you’ve never played a CTF before, this event is for you! I will personally make the rounds to try to help everyone feel comfortable, and get set up to play.

4. To get a head-start, grab my CheatSheet! http://bit.ly/KringleCon2019

5. You MUST RSVP for this event, as the space can only hold a certain number of people. No one will be allowed into the building if their name is not on the RSVP list. The RSVP is for two reasons; (1) headcount, and (2) security badges. All bags will be scanned, and you must bring proper ID. RSVP here: https://HolidayHack.EventBrite.com

6. We have secured one guest speaker, and have another we are waiting to hear back from:

Vitali Kremez leads the SentinelLabs team and specializes in researching and investigating complex cyberattacks, network intrusions, and data breaches. Over his government and private sector career, Kremez has made numerous groundbreaking findings into Eastern Europe’s cybercrime underworld and has earned virtually every major certification available in the fields of IT, security, and digital forensics. Kremez was selected to present at both NATO and United Nations dedicated to digital security. Vitali’s group was in the press this week, and will share with us some of his team’s discoveries:

The Hidden Link Between TrickBot "Anchor" & Purported North Korea “Lazarus” Tool Deployment - Discovery of One of the Most Sophisticated & Resourceful Botnet Groups on Crimeware Landscape - The research is evidence of “Anchor Project” tools being used to deploy malware possibly associated with the North Korean regime, a finding with significant national security implications. Twitter: @VK_Intel

https://www.businesswire.com/news/home/20191211005235/en/SentinelLabs-Identifies-Hidden-Link-TrickBot-Anchor-Purported

7. I may be able to live-stream the event, still trying to work that out. Check my Twitter feed the night of the event: @icanhaspii

8. I am pleased to announce that the NY Information Security Meetup, the largest gathering of its kind with roughly 6k members, has merged their monthly December meeting with us! We’ll have the group’s founder, David Raviv on hand, to tell us about his newest venture...The Cyber Guild.

David Raviv is an enterprise cybersecurity veteran, having been an early employee of the Herjavec Group as the company began to scale into the millions, as well as progressive roles at Proofpoint, Code Green Networks and Fishnet Security. Prior to those roles, David’s experience began as an unmanned airplane pilot in the Israeli Air Force followed by an undergraduate degree in Computer Science and an Masters in Business Administration.

nyis.us | @NYInfoSecurity

9. There will be no alcohol served or allowed at the event.