post view

Meeting Location

TASK meets the last Wednesday of Every Month 6:00 pm to 9:00 pm (with a few exceptions). Our next meeting is located at 55 John Street, Toronto, ON. Meeting room is the Rotunda (On main floor, just past elevators).

Feb 2019

MondayTuesdayWednesdayThursdayFridaySaturdaySunday
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

February TASK: Cloud uptake exposes major security challenges in Canada / What I learned about infosec as a cybersecurity blogger

Wednesday 27-February-2019 // 6:00 – 9:00 PM
Meeting Location: Michener Auditorium at UHN, 222 St. Patrick Street, Toronto


February TASK

Speaker: David Senf
Topic: Cloud uptake exposes major security challenges in Canada

Security skills, budget allocation, vendor/tools selection and architectures are being reshaped by rapid cloud adoption – and many organizations struggle to keep pace with the change. David Senf, founder of Cyverity Research, conducted in-depth surveys and analysis to help organizations measure the impact of cloud on these and many aspects of security. He’ll highlight 10 major challenges that his team’s research revealed. He’ll provide guidance organizations can take through 2019. Also, from his research into cloud impact on security vendors/providers, he’ll provide insights from their perspective too.

Speaker: Kim Crawley
Topic: What I learned about infosec as a cybersecurity blogger

For the past few years, I have regularly done research and writing for many popular cybersecurity vendor blogs, including Venafi, Cylance ThreatVector, Sophos Naked Security, Tripwire’s The State of Security, and Comodo’s blogs. I don’t think anyone has written for as many cybersecurity vendors simultaneously as I have. I have also written for 2600 Magazine, Infosecurity Magazine, Peerlyst, CSO Magazine, and SC Magazine. Unlike many people who are security practitioners first, and contribute to vendor blogs in their spare time, vendor blogs are my day job! I usually write for an IT audience, but I have also written for consumer laypeople. In my talk, I’ll explain what I’ve learned about how vendors market their products and services, how to explain cyber attacks and security hardening to non-infosec IT people, and how to explain cyber threats to laypeople. The threat landscape is becoming increasingly complex, and the communications side of their industry is becoming more, and more challenging.


Meeting Location: Michener Auditorium, 222 St. Patrick Street, Toronto.

Posted in Events.

January TASK: A Glorious Celebration of IoT Security / ShmooCon 2019 – Moose, Hackers, Security, More Moose

Wednesday 30-January-2019 // 6:00 – 9:00 PM
Meeting Location: Michener Auditorium at UHN, 222 St. Patrick Street, Toronto


JanuaryTASK

This month we welcome Lee Brotherston with a talk on IoT Security and Brian Bourne hosting a recap-session on lessons learned at the recent ShmooCon in DC.

TASK will kick off at 6pm in the Michener Auditorium at UHN.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

We look forward to seeing you there!


Speaker: Lee Brotherston
Topic: A Glorious Celebration of IoT Security

The IoT industry is often lambasted for it’s security, and whilst there are talks about IoT security, most focus on exploitation of unpatched embedded OS’s which naturally appear on these systems. Having moved into a security role in an IoT vendor I have spent the last few months embedded (pun intended) in IoT security from the inside. This talk is intended to discuss some of the unique challenges that IoT faces from security, and attempts to explain why some of the issues that occur, occur. Finally we are going to look at how the industry is changing and how not all vendors are created equal, there can be IoT without the security dumpster fire!

Speaker: Brian Bourne
Topic: ShmooCon 2019 – Moose, Hackers, Security, More Moose

For the 15th time, the Shmoo group promised less moose than ever and while failing on that front, delivered more great content than ever. Check out https://shmoocon.org for complete event details and #shmoocon on Twitter for a view of some of the shenanigans.

I attended many talks. I took notes at 16 of them and that doesn’t include lobby or bar talks. I’ll do my best to distill the key lessons you need to know and can take back and action. Incident response, machine learning, IoT, DuckDuckGo, IPv6, Office365 and behind the enemy lines of a nation state surveillance program… so many interesting lessons to share.

If you were also at ShmooCon, please email me and you can perhaps also share a lesson or two that you learned. Email brian@blackarts.ca.


This month’s TASK is sponsored by Micro Focus

Micro Focus helps you run your business and transform it. Our software provides the critical tools you need to build, operate, secure, and analyze your enterprise in a constantly changing world. Right now, that means powering your digital transformation with solutions spanning four key areas:

  • Enterprise DevOps—Build and deliver better software faster.
  • Hybrid IT Management—Operate with agility.
  • Security, Risk, and Governance—Secure what matters most.
  • Predictive Analytics—Analyze in time to act.

By design, these solutions bridge the gap between existing and emerging technologies—which means you can innovate faster, with less risk, in the race to digital transformation.


Meeting Location: Michener Auditorium, 222 Patrick Street, Toronto.

Posted in Events.

November TASK: A Gentle Introduction to Memory Forensics / Cybercrime Investigations: Handling the new Forensic Challenges

Wednesday 28-November-2018 // 6:00 – 9:00 PM
Meeting Location: Michener Auditorium at UHN, 222 St. Patrick Street, Toronto


November TASK

This month we welcome Nick Johnston with a talk on memory forensics and René Hamel discussing cybercrime investigations at the Michener Auditorium at UHN.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

We look forward to seeing you there!


Speaker: Nick Johnston
Topic: A Gentle Introduction to Memory Forensics

Memory resident post-exploitation frameworks like Empire[1] and mimikatz[2] are designed to minimize forensic artifact creation on a compromised host’s disk. This so-called “fileless” malware presents a significant challenge to traditional forensic disk image analysis. Memory analysis software like Volatility[3] enables incident responders and forensic investigators to examine a compromised system’s volatile storage and identify these otherwise stealthy attack tools.

This talk will serve as a light introduction to the how and why of memory forensics. The talk will begin with the arguments in favour of memory capture during a digital forensics and incident response (“DFIR”) matter vs immediately powering down the target system for disk imaging. Different memory collection scenarios will be presented and solutions using different software utilities will be demonstrated. Finally, collected memory samples will be analyzed using the Volatility framework with callouts to alternate software solutions where applicable. After this talk you will be able to explain the basic steps involved in memory forensics and recommend tools appropriate for different DFIR scenarios.

Speaker: René Hamel
Topic: Cybercrime Investigations: Handling the new Forensic Challenges

René’s digital forensic career spans over twenty years. His experience include several civil and criminal investigations for the Royal Canadian Mounted Police (“RCMP”), the banking industry, mid and large accounting firms in Canada, Europe and South East Asia. He currently manages the Forensics and E-Discovery practice at TELUS Security. René will talk about his latest experience with some of his cybercrime investigations challenges including some of the large scale forensic assignments he and his team managed.


This month’s TASK is sponsored by Proofpoint:

Proofpoint Inc. (NASDAQ: PFPT) is a leading next-generation security and compliance company that provides cloud-based solutions to protect the way people work today. Proofpoint solutions enable organizations to protect their users from advanced attacks delivered via email, social media, mobile, and cloud applications, protect the information their users create from advanced attacks and compliance risks, and respond quickly when incidents occur.


Meeting Location: Michener Auditorium, 222 Patrick Street, Toronto.

Posted in Events.

No October TASK

Due to a lack of venue availability and Halloween being the same night, we’ve had to postpone our October TASK event.

Stay tuned for November details.

Happy Halloween!
TASK Steering Committee

Posted in Events.

No September TASK

Don’t miss BSidesTO on Saturday, September 28 and SecTor 2018 on Monday, October 1 to Wednesday, October 3.

Be sure to register for each before you attend, engage, learn, network and support your local IT community!

We hope to see you there,
TASK Steering Committee

Posted in Events.

August TASK – BlackHat, DefCon, BSidesLV Recap

Wednesday 29-August-2018 // 6:00 – 9:00 PM
Meeting Location: Michener Auditorium at UHN, 222 St. Patrick Street, Toronto


TASK Vegas

This month we have our ever-popular Vegas recap special being at the Michener Auditorium at UHN.

If you attended BlackHat, DefCon or BSidesLV – this is your chance to help your fellow TASK members by sharing a summary and some key lessons you learnt from a couple of different talks. If you went and can help us, please email info@task.to with the session/s you want to cover.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Thanks for your help, and we look forward to seeing you there!


Download the presentation here.


BlackHat/DefCon/BSides-LV Recap

Speakers include:

  • Joshua Arsenio
  • Brian Bourne
  • Dillon Aykac
  • Geoffrey Vaughan
  • Paul O’Grady

Topics include:

  • Who Controls the Controllers – Hacking Crestron IoT Automation Systems
  • Detecting Blue Team Research Through Targeted Ads
  • Applied Self-Driving Car Security
  • Legal Liability for IOT Cybersecurity Vulnerabilities
  • Introduction to Docker
  • An Attacker Looks at Docker: Approaching Multi-Container Applications
  • Optical Spy Receivers with Joe Grand
  • Reverse Engineering OpenSCAD
  • Your Bank’s Digital Side Door – Steven Danneman
  • Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology

And many more!


Meeting Location: Michener Auditorium, 222 Patrick Street, Toronto.

Posted in Events.

July TASK: Threat Modelling for the Blue Team / Surviving in-house Bug Bounty Program – Handling the Unknown

Wednesday 25-July-2018 // 6:00 – 9:00 PM
Meeting Location: Michener Auditorium at UHN, 222 St. Patrick Street, Toronto


July TASK

This month we welcome Max Cizauskas with a talk on threat modelling for blue teams and Dolev Farhi with a session on in-house bug bounty programs at the Michener Auditorium at UHN.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Heading to Black Hat, DefCon or B-SidesLV? Let us know (email info@task.to). Along with connecting you with fellow TASKers, each August we hold a special BH/DC/BSLV recap, so if you are going, please consider putting your hand up to share overview of the sessions you attend and what you learn.

We look forward to seeing you Wednesday night!


Speaker: Max Cizauskas
Topic: Threat Modelling for the Blue Team

Threat Modelling gets your organization to see your systems, applications and processes through the eyes of an attacker. It can be used early in the development process to quickly reveal issues making it cheaper to fix and teaching the developers where controls need to be placed to build in resilience.

This talk will first discuss the important factors in scoping an assessment. Then it will cover how to do dataflow diagrams to capture the important components of the system in scope, how they interact, and which are exposed to an attacker. Next it will discuss the application of the STRIDE model to do the actual threat modelling, and finally how to capture all of the potential threats in a threat matrix. At the end of this talk you will know how threat modelling cuts down on assessment time and brings value to the organization beyond just threat assessment.

 
Speaker: Dolev Farhi
Topic: Surviving in-house Bug Bounty Program – Handling the Unknown

We often hear about vulnerabilities found through Bug Bounty programs, but we never get to hear the side who’s handling them. How do you keep up with hundreds of hackers probing your infrastructure?

In this talk, Dolev Farhi will provide you with his experience running an in-house Bug Bounty Program, the benefits, the challenges, tips, and how an external security report can easily turn into a potential threat.


Meeting Location: Michener Auditorium, 222 Patrick Street, Toronto.

Posted in Events.

June TASK: Recent Development in Quantum Key Distribution / Cyber Threat Intelligence: A Primer

Wednesday 27-June-2018 // 6:00 – 9:00 PM
Meeting Location: Michener Auditorium at UHN, 222 St. Patrick Street, Toronto


June TASK

This month we welcome Cordell Grant with a talk on Quantum Key Distribution and John Daniele with a session on cyber threat intelligence at the Michener Auditorium at UHN.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Speaker: Cordell Grant
Topic: Recent Development in Quantum Key Distribution

Massive investments in quantum computing and quantum communications are moving society toward technological upheaval. To the dismay of the cyber security industry, the impending Quantum Revolution will render conventional Public Key Encryption methods obsolete, possibly within the decade. Quantum Key Distribution (QKD), conceived of decades ago and often billed as an answer to the looming quantum threat is an area that has recently experienced rapid development and significant worldwide investment. This talk will cover recent efforts around the world to build a workable QKD infrastructure that can address a variety of use-cases. Of particular focus will be the emerging race for QKD satellites.

 
Speaker: John Daniele
Topic: Cyber Threat Intelligence: A Primer

The term “Cyber Threat Intelligence” has become the latest buzzword that has captured the attention of executives and cybersecurity leaders alike. However, there’s been little consensus on what constitutes a cyber threat intelligence capability and most attempts to articulate a definition are too vague and ambiguous to be of much value to most organizations. This presentation aims to clear up some misconceptions about cyber threat intelligence and place it in its rightful context as an emerging intelligence discipline. John Daniele, a cybersecurity professional with over 20 years experience in defense and intelligence, will provide insight on how an organization can build a cyber threat intelligence program by introducing his threat intelligence maturity model and roadmap. John will also explore how to operationalize threat intelligence at both a tactical and strategic level so that it becomes a pivotal instrument for cyber risk management in your organization.


Meeting Location: Michener Auditorium, 222 Patrick Street, Toronto.

Posted in Events.

May TASK: Reverse Engineering Automotive Diagnostics / Cyber Insurance in Canada – What You Need to Know

Wednesday 30-May-2018 // 6:00 – 9:00 PM
Meeting Location: Michener Auditorium at UHN, 222 Patrick Street, Toronto


May TASK

This month we welcome Eric Evenchick as he takes you under the hood with a talk on reverse engineering automotive diagnostics and Ms. Ruby Rai discussing cyber insurance in Canada.

Please note our meeting location is at the Michener Auditorium at UHN.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Speaker: Eric Evenchick
Topic: Reverse Engineering Automotive Diagnostics

Automotive diagnostics provide access for manufacturing, service, and forensics of automotive systems, and are present in nearly every vehicle on the road today. These systems provide a large attack surface, and often contain undocumented features. Unfortunately, information about these systems is proprietary, and tools for interacting with them are expensive. In this talk, we’ll introduce automotive networks, then dive into detail about diagnostic systems. Next, we’ll show open source tools for automating the reverse engineering of diagnostic systems, and finish up with some practical examples. Attendees should leave with a better understanding of how their car works, and where to go hunting for vulnerabilities in diagnostics.

 
Speaker: Ruby Rai, AIG
Topic: Cyber Insurance in Canada – What You Need to Know

Ms. Ruby Rai is an acknowledged expert in the Canadian cyberinsurance industry. She will provide a history of the underwriting experience, tips and tricks for a cost- effective cyber insurance policy, and hints on the future of cyber insurance in Canada.


Meeting Location: Michener Auditorium, 222 Patrick Street, Toronto.

Posted in Events.

Our Sponsors