2019/02/12 – 2019/02/12

141 Catherine St.

View MapMap and Directions | Register

Description:

How do bad actors conduct reconnaissance, initial exploitation, establish persistence, install tools, move laterally, and then collect, exfiltrate and exploit data? Most people think nation states, hostile foreign intelligence agencies and criminals are running their covert operations using zero days, but it’s not that common.

Gaining access to corporate networks and maintaining persistence is almost always done without a zero day; there are so many more vectors that are easier, less risky, and more productive. In a man-on-the-side (MotS) attack the malicious actor can read the traffic and insert new packets, but not to modify or delete packets sent by other participants. The attacker relies on a timing advantage to make sure that the response he sends to the request of a victim arrives before the legitimate response.

This type of attack can be used to disrupt existing communications by sending a perfectly forged TCP packet (correct peer, port, and sequence numbering) with the RST (reset) flag set. This packet is obeyed by the network stack or operating system which drops the connection. Or it could be used to place malware on the victim’s computer.

Biography

Patrick Malcolm, President of NetRunner is a trusted educator to clients like: the Department of National Defence, Canadian Security Establishment, IBM, The Royal Bank of Canada, the RCMP High Tech Crime Unit, Canadian Police College. An entertaining and knowledgeable storyteller, Patrick combines compelling storytelling with technical facts that engage and give participants a memorable experience..

Agenda

  • 5:30 – 6:00 PM Registration, Networking, Cash Bar and Grill
  • 6:00 – 6:05 PM Introduction of Speaker
  • 6:05 – 7:20 PM Presentation
  • 7:20 – 7:30 PM Question Period
  • 7:30 PM Closing remarks

Cost

Members: free, included in your annual dues

Non-Members: $15.00

We will have a look at these malicious actors perform a packet injection attack, known as a man-on-the-side attack during our live demonstration.

Register

SAVE THE TRAINING DATES May 9 – 10, 2019

The HTCIA International board has asked the Canadian Chapters to get together and setup a national conference called “HTCIA Canada Cyber Summit” and your Ottawa Chapter has volunteered to host it.

On May 9–10, 2019:  We’re planning on two training streams offering 16 lectures across two Ottawa University classrooms, in the Desmarais building on Laurier Ave.

Main topics we are concentrating on are:

  • Cyber Investigations
  • Digital Forensic Investigations
  • Legal Updates
  • Law enforcement

More details will be made available when the registration opens, here is the proposed pricing structure:

  • HTCIA Member Early Bird Rate (through March 31)  $200 Canadian
  • Non-member Early Bird Rate (through March 31)    $250 Canadian
  • HTCIA Member Regular Rate (April 1 to May 1)     $250 Canadian
  • Non-member Regular Rate (April 1 to May 1)       $300 Canadian

HINT: Pay/renew your membership to get the member pricing now.

We’re also working on a pricing discount if you register 5+ attendees regardless if all are active members.

Please go to HTCIA.ORG and click the ‘CYBER SUMMIT’ tab in the top banner, or fix the link:
hxxps://htcia.org/htcia-canada-cyber-summit/

Please note that registration is handled by memberclicks.net (expected redirection)

Thank you,
Gilles Racine
2019 Past President
Ottawa Chapter
pastpresident@htcia-ottawa.org
Summit email: CanadaCyberSummit@htcia.org

2019/01/08 – 2019/01/08

141 Catherine St.

View MapMap and Directions | Register

Description:

SQL Injection attacks have become a popular method to test a web site’s ability
to block unwanted code from running on its servers or backend databases. This
presentation will discuss the ongoing challenges and issues associated with
supporting Internet-facing web services that may draw the unwanted attention of
hackers looking for perimeter vulnerabilities. As well, there will be a
discussion of steps that can be taken by server administrators as well as
vendor solutions to safeguard services against these types of attacks.

Biography

Edward Hong is a Technology Consultant with several decades of experience
deploying and supporting computer networks for enterprises and international
corporations. He has spent the past 17 years working with Sun Microsystems and
Oracle America as an Identity Management Consultant, supporting enterprise
customers in financial, insurance, retail, corporate, and government
organizations across Canada and the United States. He understands the
importance of keeping customer data secure and protected for both internal
organizations and their customers.

Agenda

  • 5:30 – 6:00 PM Registration, Networking, Cash Bar and Grill
  • 6:00 – 6:05 PM Introduction of Speaker
  • 6:05 – 7:20 PM Presentation
  • 7:20 – 7:30 PM Question Period
  • 7:30 PM Closing remarks

Cost

Members: free, included in your annual dues

Non-Members: $15.00

Register

If you attended any sessions this year, these are the sessions and CPEs you can claim.

Name Start Date CPEs
January Event: Big Data Analytics and Cyber Security 2018-01-09 1.5
February Event: Investigating Cryptocurrencies 2018-02-13 1.5
March Event: Investigating Google Chrome Forensic Artefacts 2018-03-13 1.5
April Event: Investigating Google Chrome Forensic Artefacts (part 2) 2018-04-03 1.5
May Event: Searching Beyond the Hard Drive 2018-05-08 1.5
June Event: Web Application Firewall Observations 2018-06-12 1.5
July Event: BoF Session 2018-07-10 1.5
August – Meeting Cancelled 2018-08-14 0
September Event: Helping fight child exploitation while reducing exposure 2018-09-11 1.5
October Event: Azure Cloud Security 2018-10-09 1.5
November Event: Leveraging your tools with F-Response 2018-11-13 1.5
December Event: Annual Social 2018-12-11 0
Total 15
1 2 3 28