Utica College
Spring 2019 – Speaker Profiles & Talks
Timothy Reed
Talk: Interesting Penetration Testing Topics and Results
Bio:
Mr. Reed is the Owner of Adeptus Cyber Solutions, LLC and is
responsible for overseeing all efforts. He has over 20 years of experience
in DoD contracting, a Masters Degree in Cybersecurity (May 2015), a
Bachelor Degree in Computer Science (December 2000) and a wide
range of skills, from software development and systems administration to
offensive and defensive cyber. Mr. Reed maintains his CISSP (Certified
Information Systems Security Professional), Security+, Red Hat Certified
Systems Administrator (RHCSA) and OSCP (Offensive Security Certified
Professional) certifications.
Mr. Reed has been a developer on a defensive cyber software program
for several years and was also the lead developer on a research and
development offensive cyber capability. Mr. Reed has worked as a
penetration tester and information assurance specialist, testing Cross
Domain Systems (CDS) for the Integration Test and Evaluation Center
(ITEC) at AFRL-Rome. His work has greatly benefited the test team by
bringing years of offensive and defensive cyber, streaming video, and
networking experience. Mr. Reed’s work on testing CDSs has resulted in
significant security findings within the systems under test. Part of his work
included introducing malware and viruses into video streams, creating
alternate channels for getting malware through a file transfer CDS and
modification of network packets in an effort to exploit the network stack.
Mr. Reed has also participated on a Red Team during the Pacific Rim
Collegiate Cyber Defense Competition (PR-CCDC) in March of 2015 and
has most recently joined the Red Team at the CNY Hackathon.
Jennifer Allen
Title: Workshop – Embedded Systems Hacking with the ESP32
Abstract:
This year’s embedded systems hacking workshop will be setting up the out-of-box ESP32s to join an ESP-MDF based meshnet and attack a challenge server that is located somewhere on the mesh.
Bio:
Jenn is an offensive security professional with a hobbyist fascination for hardware hacking. She also volunteers for Darknet Industries (dcdark.net) and the Biohacking Village (dcbhv.org). She is a penetration tester working with a great red team at Splunk, Inc. Her creds include OSCP, GXPN, GMOB, GPEN, GCIH, and she is an Amateur Extra licensed ham operator in the US. She’s been working in IT for 20 years and still doesn’t know enough. Her other pastimes include philanthropic adventures, medical herbalism, fiction writing, and martial arts. She isn’t afraid of the singularity.
The Spring 2018 CNY Hackathon Winning Team!
Spring 2018 CNY Hackathon Schedule
Spring 2018 – Speaker Profiles & Talks
Mike Lisi
Title: Show Me What You Got – Advice for Landing a Job in Infosec
Abstract:
As the realm of information security has continued to grow, so has the demand for qualified people to work in the industry. This has also led to an increase in the number of applicants that are looking to get hired for these jobs, so it takes more effort than ever before to stick out from the crowd. I’ll be discussing some of the things that you can do to improve your odds of getting hired.
Bio:
Mike Lisi is a Senior Consultant at HALOCK Security Labs and a co-founder of the hacker meetup group IthacaSec. He has also worked as a network administrator, a programmer/analyst, and a developer of offensive and defensive DoD technologies. Mike received a BS in Computer Science from SUNYIT (now SUNY Poly) as well as a handful of infosec certifications including the CEH, OSCP, and GWAPT. Mike is also the lead designer for the CNY Hackathon CTF.
Jennifer Allen
Title: Workshop – Embedded Systems Hacking with the ESP32
Abstract:
Students will connect and provision the ESP32 with code to connect to securely the game service over wifi to receive the first half of the challenge key. They will then reprovision the ESP32 with a different operating platform and upload code to connect to a second game service over Bluetooth to receive the second half of the challenge flag.
Bio:
Jennifer Allen is a cybersecurity professional with a focus on offensive security and ethical hacking, and 19 years in IT. She also volunteers for the DEFCON Darknet (dcdark.net), the DEFCON Biohacking Village (dcbhv.org), and community hacking and maker groups. She is certified GCIH, GPEN, GXPN, OSCP, and an Amateur Extra licensed ham operator.
Spring 2017 – Speaker Profiles & Talks
Prof. John Cook – Herkimer College
Title: Exploring Embedded System Vulnerabilities
Abstract:
Embedded systems have extensive applications in consumer, commercial, automotive, industrial and healthcare markets. Examples of embedded devices include TVs, household appliances, banking ATM machines, routers, POS (point of sale) terminals, automobiles and cell phones. Internally, many of these devices are much like a traditional personal computer, running static versions of Linux and Windows. Often times, these devices are connected to the Internet but have no way of patching against discovered vulnerabilities. This presentation will explore methods of accessing the underlying systems in these devices as well as demonstrate methods of discovering vulnerabilities.
Bio:
Prof. Cook is the head of the Computer Network Tech program at Herkimer College. His research interests include embedded systems security, operating system and network security. He is a US Air Force veteran that has completed degrees in Data Processing, Programming and Systems as well as a BS and MS in Telecommunications from SUNY Poly. John’s career experience includes: government contracting at Rome Labs, and over 20 years as an independent IT consultant.
Mr. Michael Moore – Harris Corp.
Title: Neuromorphic Computing
Abstract:
The emergence of main stream artificial intelligence has been a prediction of computer scientists for more than fifty years; yet, there are still no robots among us. After a half century of research and development, predictions by Ray Kurzweil of a break-through in less than two decades have refueled speculation. The renewed interest is aligned with ‘neuromorphinc computing,’ an approach inspired by biology. Reaching a break-through will involve much more than computer science alone can provide. It will rest on new foundations of nano technology, neuroscience, mathematics and behavioral sciences.
Bio:
Michael Moore is a principle engineer and project manager at Harris Corporation in Rome NY. His career interests have focused on high performance computing, neuroscience, embedded systems, domain specific languages and distributed computing. Mr. Moore has published technical papers on the real-time emulation of a cortical visual track using CELL-B technology. He also published a book on real-time embedded software design, and has contributed to multiple defense system developments. Mr. Moore has a BS in Electrical Engineering from the University of Detroit, an MS in Electrical Engineering from the University of Dayton, and forty years of involvement with computer engineering. He has also served for the past 21 years as a School Board member at Oneida-Herkimer-Madison BOCES.
Dr. Jeanna N. Matthews – Clarkson University
Title: Big Data’s Big Problems
Abstract:
The data that we record daily about ourselves through our cell phones, credit card purchases, emails, social media postings, etc., helps us connect with each other and improve our quality of life. However, we are also enabling a set of societal harms that we have not yet begun to grapple with seriously. I will be discussing some of the problems of big data including insufficient anonymization and unfairness in automated decision making.
Bio:
Jeanna Neefe Matthews is an associate professor of Computer Science at Clarkson University (Potsdam, New York). Her research interests include virtualization, cloud computing, computer security, computer networks and operating systems. At Clarkson, she leads several hands-on computing laboratories including the Clarkson Open Source Institute and Clarkson Internet Teaching Laboratory. Students in these labs and in her classes at Clarkson and Cornell have been winners in a number of prestigious computing contests including the 2001, 2002, and 2004 IBM Linux Challenge, the 2005 IBM North American Grid Scholar’s Challenge, the 2005 Unisys Tuxmaster competition, and the 2006 VMware Ultimate Virtual Appliance Challenge. She is currently a member of the Executive Committee of ACM as the Chair of the Special Interest Group Governing Board. She has written several popular books including Running Xen: A Hands-On Guide to the Art of Virtualization and Computer Networking: Internet Protocols in Action. Jeanna received her Ph.D. in Computer Science from the University of California at Berkeley in 1999, a B.S. in Mathematics and Computer Science from Ohio State University in 1994 and a B.A. in Spanish from the State University of New York at Potsdam in 2015.
Spring 2016: CNY Hackathon Photos
Here are some photos taken from the Spring 2016 CNY Hackathon event. Everyone had a lot of fun and the event turned out to be a huge success!
New CNY Hackathon Network Topology Released!
As many of you have heard we are revamping the format of the CNY Hackathon event this semester to be more realistic. There will no longer be multiple rounds, instead the event will consist of two parts which will last the entire day. There will be a Capture the Flag (CTF) portion and an infrastructure portion. For the CTF portion of the event multiple virtual machines will be sitting on the WAN portion of the network that are loaded with flags for the teams to capture. When a team finds a flag they will enter it into the new scoring engine, and if it is valid then the points for that particular flag will be added to their score. The infrastructure portion of the event is geared towards network defense and administration. Students will have full virtual networks that they will have to defend against a Red Team of professional attackers. Teams will accumulate points based on service uptime checks. The object is to keep the Red Team out and keep the services up. Students will have to configure their router virtual machines at the start as well as all of the networking information and port forwarding rules for their internal server systems and workstations before they can start getting points. The first team to get their services online and open to the scoring engine will get a head start on point accumulation. The following network diagram depicts the new design: (Click the image for a larger view)
Interesting Post on the Utica College Computer Science Department Website
You may want to head over to the Utica College Computer Science Department website and see what’s just been posted!
Spring 2016 CNY Hackathon Speaker Lineup
The Spring 2016 CNY Hackathon talks will begin at 4:00PM on Friday April 22nd in the Frank E. Gannett Memorial Library concourse. We have four speakers lined up for this semester! Their talks abstracts and bios are listed below.