Meeting Location

TASK meets the last Wednesday of Every Month 6:00 pm to 9:00 pm (with a few exceptions). Our next meeting is located at 55 John Street, Toronto, ON. Meeting room is the Rotunda (On main floor, just past elevators).

October TASK: Life After Breach: Ashley Madison in 2017 / Beyond OWASP Top 10

Wednesday 25-October-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: #308/309 (up the escalators)


October TASK

This month Matthew Maglieri discusses life after the Ashley Madison breach, and Aaron Hnatiw covers common web application vulnerabilities that fall outside the OWASP Top 10 but are just as dangerous.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Matthew Maglieri, CISO at Ruby Life Inc.
Life After Breach: Ashley Madison in 2017

What does it really mean to fall victim to a headline-grabbing breach? What does the aftermath of a targeted attack look like? How can you overcome the challenges needed to recover and rebuild trust with your customers?

Join Matthew Maglieri, CISO of Ashley Madison’s parent company Ruby Life Inc. and ex-Mandiant consultant, as he presents this unique look at what is really required to defend against an advanced targeted attack and recover from the scenario that keeps us all up at night.


Aaron Hnatiw, Senior Security Researcher at Security Compass
Beyond OWASP Top 10

The OWASP Top 10 is the standard first reference we give web developers who are interested in making their applications more secure. It is also the categorization scheme we give to web vulnerabilities on our security assessment reports. And finally, and perhaps most frighteningly, it is the most common framework used by organizations for securing their web applications. But what if there was more to web application security than the OWASP Top 10? In this talk, we will discuss vulnerabilities that don’t fit into the OWASP Top 10 categories, but are just as dangerous if present in a web application. Developers and pentesters will benefit from this talk, as both exploits and mitigations will be covered for each of the vulnerabilities.

Meeting Location: 55 John Street, Toronto. Room: #308/309 (just up the escalators)

Posted in Events.

September TASK: Growing Up and Out of the Sandbox: Examining information security beyond the micro-technical lens / Building machine-learning pipelines at scale

Wednesday 27-September-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: #308/309 (up the escalators)


September TASK

This month we have Alana Staszczyszyn examining information security beyond the micro-technical lens and Roy Firestein discussing building machine-learning pipelines at scale.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Alana Staszczyszyn
Growing Up and Out of the Sandbox: Examining information security beyond the micro-technical lens

Information security’s primary principle is no secret: the human is security’s greatest threat. One young security student’s journey through Ontario’s home and community care sector examines the human aspect of fostering security from within the organization – as well as beyond the office. Between discovering the criminal treasure trove that is electronic health records, struggling to communicate the importance of security to colleagues amidst stringent deadlines, and grappling with acquiring organizational buy-in, this story illuminates how exactly interest can be won from those who are not security, or even IT, professionals – and how they, as both employees and consumers, have the potential to be leveraged to cultivate security as a larger social responsibility.

Alana Staszczyszyn is an admittedly inexperienced but wholly enthusiastic information security analyst in the public healthcare sector, and is currently completing a degree in Information Systems Security. Her passion for security is propagated by its wide breadth of intersectionality with other fields of study. Particularly, she loves to examine the social, political, and economic implications that technology and security create.


Roy Firestein
Building machine-learning pipelines at scale

Roy Firestein, R&D Manager at eSentire, will talk about how his company deployed a machine-learning pipeline, with feedback loops, on AWS, to detect post-exploitation attacks using logs from Active Directory and endpoint agents. He will share the architectural decisions and walk us through the implementation, deployment automation and tools used in the project. By the end attendees will learn how to approach similar projects in their own companies, when to use hosted machine-learning tools or run your own, and common pitfalls to avoid.

Meeting Location: 55 John Street, Toronto. Room: #308/309 (just up the escalators)


August TASK – BlackHat, Defcon, BSidesLV Review

Wednesday 30-August-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: 308/309 (Go up escalator, door is just as you step off)


August TASK

This month we have our popular BlackHat and Defcon review meeting. Below is a list of talks we hope to cover, with something for everyone. A huge thanks to those TASK members who attended and will be speaking.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Download the presentation here.


  • Jeremy Richards:
    • Android APK unboxing
  • Brian Bourne
    • Intro
    • Defcon and Black Hat Highlights
    • Lies and Damn Lies: Getting Past The Hype Of Endpoint Security Solutions
  • Jamie Gamble
    • MEATPISTOL, A Modular Malware Implant Framework
    • THEY’RE COMING FOR YOUR TOOLS: EXPLOITING DESIGN FLAWS FOR ACTIVE INTRUSION PREVENTION
  • Tom Tran
    • “How We (Google) Created the First SHA-1 Collision and What it means For Hash Security”
  • Cole Stichhaller
    • Exploiting the Most Notorious C&C Toolkits
  • Eldon Sprickerhoff
    • JavaScript obfuscation
    • Safecracking
  • Cheryl Biswas
    • Threat Intel for All: There’s More to Your Data than Meets the Eye (Defcon Wall of Sheep)
    • Interrogation Techniques for Fun and Profit (BSides Proving Ground)
  • Laura Payne
    • Icthyology: Phishing as a Science
    • Hacking Serverless Runtimes
  • Stephan Davidson
    • Backdooring the Lottery and Other Security Tales from Gaming
  • Dan Friesh
    • Introducing HUNT: Data driven web hacking & manual testing
    • Bypassing Android password manager apps without root
  • James Arlen
    • Minimum Viable Risk Management Program
  • Matt Dean
    • The Internet Already Knows I’m Pregnant

Meeting Location: 55 John Street, Toronto. Room: 308/309


July TASK: How to roll your own document tracker using macros and tracking pixels / Threat Intelligence, Debunking Advanced Persistent Threats, and Dealing with Attribution Challenges

Wednesday 26-July-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: Rotunda (Main floor past the elevators)


July TASK

This month we have Roy Firestein hosting a session on how you can track users in phishing campaigns using Word and Excel attachments—using macro-based and pixel-based solutions.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Roy Firestein, Research & Development Lead at eSentire Inc.
How to roll your own document tracker using macros and tracking pixels

Microsoft Office documents are ubiquitous in the corporate environment, and are an excellent vector for information gathering and exploitation. While most attacks require a sophisticated vulnerability to run your payload, there are still other “non-malicious” techniques to achieve your goal. In this talk we will delve into how, at eSentire, we generate and track users in our phishing campaigns using Word and Excel attachments—using macro-based and pixel-based solutions. Some of the cool things we will explore include how to trick users into opening your .docm file and executing a PowerShell script that interrogates ActiveDirectory or starts a port scan. Sample code and tools will be released as part of the talk so you can experiment later with these techniques.


Viktors Engelbrehts, Director of Threat Intelligence at eSentire
Threat Intelligence, Debunking Advanced Persistent Threats, and Dealing with Attribution Challenges

The buzzwords of “Threat Intelligence” and “Advanced Persistent Threats” continue to be used throughout the information security (“cyber”) industry. Viktors will describe how actionable threat intelligence actually fits into the defence cycle, and where you should be skeptical (including reliable vs. unreliable attribution methods).

Meeting Location: 55 John Street, Toronto. Room: Rotunda (Main floor past the elevators)


May TASK: Surviving the Disaster – Secrets of a Successful Incident Response / Legal Perspectives on Data Breaches

Wednesday 31-May-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: Rotunda (Main floor past the elevators)


May TASK

This month we have Robert Beggs hosting a session on the management and techniques for a successful breach response and Fazila Nurani providing insight into the legal aspects of breach response.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Robert Beggs, Founder and CEO, DigitalDefence
Surviving the Disaster – Secrets of a Successful Incident Response

The recent wave of ransomware attacks is a bitter reminder that “patch and pray” is no longer an effective strategy for protecting a network and its data. Realistically, organizations have to act as if a security incident is inevitable, and be prepared to successfully manage that response. During this talk, we’ll examine how both technical and management teams can optimize their response process – what are the tools, techniques, and processes that enable success. We’ll cover the secrets of fighting back, including:

  • How to effectively prepare for an incident
  • The incident response policy
  • Standard operating procedures – making your playbook
  • Managing an incident response
  • Effective internal and external communications
  • Training the incident response team
  • After the incident – what are the lessons you need to learn, and share
  • Cyberinsurance – is it really the best “last response”?

Fazila Nurani, President and Founder, PRIVATECH
Legal Perspectives on Data Breaches

Fazila Nurani is the President and Founder of PRIVATECH, a firm specialized in advising organizations on best practices relating to privacy, information management and Canada’s anti-spam law (“CASL”). Ms. Nurani was called to the Bar in 2001 after completing a degree in Electrical Engineering at the University of Waterloo, and a degree in Law at the University of Toronto. Ms. Nurani advises businesses in a range of industries, including the insurance and health sectors, technology companies and financial service providers. Ms. Nurani also provides direction to public sector entities considering initiatives with privacy implications, and has worked extensively with the Office of the Privacy Commissioner of Canada. Ms. Nurani is a Certified Information and Privacy Professional in Canada, a Certified Information Systems Auditor, and serves on the Boards of Directors for two not-for-profit organizations.

This session will cover:

  • Guidance from the regulators on managing a privacy breach
  • Existing legal obligations in Canada and upcoming breach notification and reporting rules
  • The ‘real risk of significant harm’ test that triggers legal obligations in a breach situation
  • Breach response obligations under GDPR for organizations who store information about EU data subjects
  • Investigations and case law that indicate why a strong breach response plan must be a top priority

Meeting Location: 55 John Street, Toronto. Room: Rotunda (Main floor past the elevators)


April TASK: The State of Security in Canada / Tales from NorthSec

Wednesday 26-April-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: #308/309 (Top of escalators)


April TASK

This month we have David Senf hosting a session on the state of security in Canada, and Pierre-David Oriol, Daniel Boteanu, and Marc-Etienne M.Léveillé providing insights into their NorthSec capture the flag competition.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


David Senf, IDC Canada
TASK on the State of Security in Canada: Survey Says!

IDC and TASK ran a survey of TASK members to learn how new and old security challenges alike are being tackled. We asked about budgets, headcount, weaknesses, breaches suffered, investment plans and other factors that help assess security maturity. Discover what plans your peers have in 2017 to improve security at their own organization or at their clients. David Senf, VP of Infrastructure and Cloud will walk you through your survey results and pepper in market data for additional context. You may cry a little. But each tear brings us closer to better security.


Pierre-David Oriol, Daniel Boteanu, Marc-Etienne M.Léveillé
Tales from NorthSec, World’s largest on-site Capture-The-Flag

NorthSec is a registered not-for-profit organization from Montreal that runs the NorthSec conference and the World’s largest on-site Capture-The-Flag “CTF” competition sporting more than 400 participants. This presentation will explore several topics around our capture the flag and briefly present what is confirmed for 2017.

First, we will explore three challenges from the Forensic track: an employee stealing secret information, a forged expense report, and spear-phishing with complete takeover of an internal network. All are inspired by actual investigations, and we will show step by step how to solve the challenges by analyzing the provided disk images, memory images and network captures.

Other areas related to the CTF will be discussed: how to balance a CTF for beginners and experts, how to run a “nothing-shared” infrastructure based on Linux containers for a 330+ people on-site competition and how to scale a sourdough bread-making operation. Furthermore, we will share our experience making 600 hardware badges with an ARM CPU and Bluetooth chip.

Meeting Location: 55 John Street, Toronto. Room: #308/309 (top of escalators)


March TASK – How to Plan a Purple Team Exercise / Compliant Operations in an aaS World

Wednesday 29-March-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: #308/309 (Top of escalators)


MARCH TASK

This month we have Haydn Johnson hosting a session on how to plan a purple team exercise, and James Arlen discussing compliant operations in an aaS world.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Speaker: Haydn Johnson
Topic: How to Plan a Purple Team Exercise

Purple Teaming is the idea of using a Red Team exercise with clear training objectives for the Blue Team.

Great exercises should not just be focused on testing a product, they should also test your active Blue Team members and their skills. But how does one start to think about a Purple Team exercise, how does one go about running one and what does it look like?

In this talk we will explain the what, why and how of planning an effective purple team exercise and give some examples. Most enterprise networks are Windows heavy, so the examples will lean heavily on Windows. Testing assumptions, gaps and blind spots is what being proactive is all about. This talk is for both the console folks and the non-console folks.


Speaker: James Arlen, Director, Risk Advisory Services at Leviathan Security Group
Topic: Compliant Operations in an aaS World

Moving towards an entirely cloud-based information technology capability seems to be the end-game for many organizations both large and small. While this is an excellent response to managing complexity and capital expenditures, it doesn’t relieve us of the requirement to operate our systems and software in a compliant fashion. When you’re operating from multiple (I/P/S)aaS providers and no longer fully operating your own infrastructure, how do you build a management structure (people, process, and technology) to support your ability to report internally and to your customers on your overall compliance posture? How can you know what your actual security posture is?

This session is built from years of practical experience in multiple fully public, hybrid, and fully private cloud enabled organizations (and if the stars align, will include practical demonstrations!).

Meeting Location: 55 John Street, Toronto. Room: #308/309 (top of escalators)


February TASK – My Windows Can Beat Up Your Windows / Social Robots and Ethics: Just How *DOES* This Work?

Wednesday 22-February-2017 // 6:00 – 9:00 PM
Meeting Location: 55 John Street, Toronto
Room: Rotunda (On main floor, just past the elevators)


FEBRUARY TASK

This month we return to Metro Hall and our two-presentation format, with thought-provoking sessions by Lee Kagan on Windows offensive security in the real world, and Brittany Postnikoff discussing social robot ethics.

As always, TASK is free, registration is not required to attend, and we invite you to bring your friends and colleagues.

Any questions email info@task.to. We look forward to seeing you there!


Speaker: Lee Kagan, RedBlack Cyber Security
Topic 1: My Windows can beat up your Windows – Abusing MS technologies to attack enterprises

In this talk, we’ll look at the ever-growing landscape of Windows offensive research and tooling, and their applications in the real world. We will cover a range of technologies such as PowerShell, WMI, .NET, Active Directory and more, plus the many ways these can be weaponized for offensive purposes. The talk touches on a variety of topics and is suitable for technical and non-technical audiences.


Speaker: Brittany Postnikoff
Topic 2: Social Robots and Ethics: Just how *DOES* this work?

Many robots destined for public consumption are designed with friendliness and approachability in mind. How robots are programmed to use this welcoming demeanour is an entirely different matter. During this presentation, you can expect tales of studies involving robots and various interaction techniques, and a discussion on how robots can, and do, use social engineering skills during day-to-day human-robot interactions.

Meeting Location: 55 John Street, Toronto. Room: Rotunda


January TASK – Mini Career Fair and Networking Event

Wednesday 25-January-2017 // 6:00 – 9:00 PM

This month’s TASK will see a change in venue and format, with a special TASK networking and career night at our old stomping grounds, O’Grady’s Tap and Grill.

See below for more details on what’s happening at this month’s TASK – we hope to see you Wednesday night!


WELCOME TO TASK 2017

Come and celebrate 12 years of TASK with free food and beer at this month’s Career Fair and networking event.

While we don’t have any presentations this month, O’Grady’s offers a great space for you to talk security with your peers and your career with our recruiting sponsors. You never know, you might even find your next job!

On deck to discuss your future at TASK are this month’s sponsors:

LookOut
eSentire
ScotiaBank
LyricalSecurity
NewSignature

Don’t forget to complete our IDC/TASK Survey (https://techquest.opinioninsight.com/survey/?ID=256). It takes five minutes to complete and will help determine the future of TASK. Please fill it out ASAP! In fact, circulate it with some of your colleagues as well.

See you at O’Grady’s,

TASK Steering Committee
