RedTeam@MTU Meeting Minutes

Introduction to Radio Snooping

Thu, 29 Jan 2026 00:00:00 +0000

Talk

TODAYS MEETING … Introduction to Radio Snooping

Speaker: Tim Peters (W3TLP)

Speaker Background

5th year, Extra Class amateur radio operator (highest license level)
Primary board operator at Houghton Community Radio

Radio Snooping…

Radio waves do not stop at borders or property lines
In the United States, it is generally legal to listen to radio transmissions
- Exception: cellular telephone communications

Radio Frequencies and Bands

Radio frequencies are divided into bands within the electromagnetic spectrum
Bands are typically defined by ITU, IEEE
Commonly used bands:
- LF, MF, HF, VHF, UHF, SHF

Scanner Radios

A scanner radio is a receiver that rapidly scans through preprogrammed frequencies
When activity is detected:
- The scanner stops on that frequency
- Remains there while the transmission is active
Scanner radios are inexpensive and widely available

FCC and Spectrum Use

The FCC (Federal Communications Commission) regulates radio spectrum use in the U.S.
Specific frequency ranges are allocated to specific services

Common Radio Services

Amateur (Ham) Radio

Used by licensed amateur operators worldwide
Common bands range from 6m through 23cm
Typically easy to monitor with analog receivers Modes
AM (Amplitude Modulation)
FM (Frequency Modulation)
FM is the most common
Digital modes also exist Typical traffic
Casual conversation
Emergency response
Event coordination

VHF High Band

Used by:
- Fire departments
- EMS
- Business and dispatch radios
Primarily FM, with some digital systems
Includes paging for emergency and business users

VHF Low Band

Largely obsolete
Still used in some wildfire applications

Airband

Used by aircraft and air traffic control
Uses AM instead of FM
Common traffic includes flight arrivals, departures, and coordination
AM is used to reduce interference issues in aviation

Marine VHF

Uses FM
Focused on safety and navigation
Includes bridge coordination and distress calls
FM is more resistant to environmental interference

FRS / GMRS

Consumer walkie-talkie services
GMRS requires a license but uses the same frequencies as FRS
Limited to 22 channels
Easy to monitor with scanners Common traffic
Recreational users
Outdoor activities
Retail and local communications

MURS

Multi-Use Radio Service
Low power (2 watts)
Operates in VHF
Used by some wildfire and utility services

UHF Business Bands

Used primarily by commercial and business radios
Generally unremarkable traffic

49 MHz Band

Older cordless phones
Baby monitors
Legacy consumer devices
Typically unencrypted and insecure

900 MHz ISM Band

Industrial, Scientific, and Medical devices
Shorter range
Good building penetration

Radio Trunking Systems

Conventional radio assigns a fixed frequency per user
Large systems require many users to share limited spectrum

How Trunking Works

Uses a control channel and multiple working channels
When a user transmits:
- A controller assigns an available working channel
When transmission ends:
- The radio returns to the control channel
Allows many users to share the same infrastructure without interference

Michigan Public Safety Communications System (MPSCS)

Statewide trunked radio system
Used by most police and public safety agencies in Michigan
Fully digital
Cannot be monitored with analog scanners

Trunking Scanners

Consumer-available scanners exist for trunked systems
Significantly more expensive than basic scanners

Police Communications

Most police radio traffic is encrypted (AES-256)
Encrypted traffic cannot be monitored by non-authorized listeners
Many other unencrypted services remain available to monitor

Notes

Additional radio services exist beyond those listed

Post-meeting

FILL THIS FORM OUT FOR CYPHERCON!!! FORM

Hotel Lock Hacking

Thu, 08 Jan 2026 00:00:00 +0000

Talk

TODAYS TOPIC

What is Saflok?

Saflok = hotel lock system made by Dormakaba.
SPOILER ALERT: not very safe, kinda poorly designed.
It’s a PACS (Physical Access Control System), just like what we use at Tech, but implemented very differently.

PACS basics (high-level)

PACS usually stores two values:
- Facility code (e.g., “this is an MTU card”)
- Card number (unique per person, defines access)
- Tap card → reader → door controller → network controller → server
- Server cross-references values → decides if door opens
At Tech: centralized + online (industry standard).
- You can view your own logs at cardservices.mtu.edu (real-time audits & alerts).

Wiegand stuff (the value on your card)

Wiegand comes from the wiegend effect from physics
Old-school cards used dedicated 0/1 wires (now mostly emulated).
Format is usually hexadecimal.
Easy to decode by hand.

Where Saflok fits in

Dormakaba makes Saflok ( just one PACS product among many).
Common in hotels and apartments
Rough estimate: ~30% of NFC hotel properties use Saflok.
System has evolved over time but:
- Same core design
- Uses RFID / MIFARE Classic
- Stores basically the same data as decades ago

Offline pacs is… not great

Saflok is fully offline (sometimes semi-offline).
All auth happens locally on the lock.
Downsides:
- No central monitoring
- Brute forcing card values is possible without alerts
- Privilege escalation is easier (flip a few bits → higher access)
There exists an emergency key (super master key).
- Overrides everything
- Used in emergencies
- Yes it’s terrifying

System 6000 & why this got bad

Older Saflok installs use System 6000
Previously you needed expensive hotel hardware to mess with it.
Now:
- You can interact with the backend database (System 6000 Firebird)
- Mint cards for other properties
- Edit card permissions across facilities
Property ID validation is not great

Card internals (high-level)

Data is “encrypted” (really obfuscated).
Once the obfuscation is understood, the whole system falls apart.
Card levels:
- Guest key (level 0/1)
- Higher privilege levels
- Emergency key = bit 12 (stored as level 13)
Flipping fields manually causes weird edge cases because the system was never meant to be used this way.
Emergency key can bypass deadbolts if software-controlled (not good).

Sequencing (important concept)

Keys have sequence numbers to invalidate old cards.
Treat sequence + combination as a password.
You can resequencing keys:
- Guest resequencing key
- Emergency resequencing key
- Etc.
This mechanism is supposed to improve security but is easily abused.

Patching problems

Fixing Saflok is expensive.
Many hotels didn’t want to pay.
Dormakaba offered two “enhanced security” options:
1. Disable MIFARE Classic (cheap, bad, doesn’t really fix it)
2. Actually fix the system (expensive)
Marketing was confusing, so many properties chose the cheap option.
Result: problem not actually solved.

“Ultralight C is safe”. well not really

Initial impression was that:
- Only System 6000 is affected
- Ultralight C is safe
But the reality is…:
- Newer apartments use different software + locks
- Same underlying system
- Same weaknesses, just rebranded

Patents = accidental info leak

Dormakaba patents describe:
- Internal lock logic
- Key structure
- Algorithms
Basically hands attackers a roadmap.
Algorithms are shared across deployments (no per-site keys).
Enhanced security does fix this by introducing per-property keys.

Tooling

Custom tools exist for Flipper Zero and Proxmark.
Noah’s version is more generic — doesn’t fully automate things.
Many similar tools exist from other researchers.

Final plea

Please stop installing cheap, half-fixed security systems.
Please no more MIFARE Classic credentials. Please

Workshop

Post-meeting

NCL Followup

Tue, 04 Nov 2025 00:00:00 +0000

NCL Followup

Overall Results

Scores were top-heavy; overall strong effort
Combined individual + game score was the highest in organization history
Fall competitions typically perform better due to higher effort
- Individual game runs over Carnival / spring
- Team game overlaps with finals

Scoring Breakdown

Combined accuracy and completion: 41.5
Accuracy: 68.5
Many participants completed only the minimum
Challenges this year were relatively forgiving
Structured challenges were significantly better than last year
Less guessing required
- Accuracy was much higher than previous years (previously ~30%)

Tyler’s Section

Focus on problems that generated the most interest:

OSINT Medium
OSINT Hard
Password Hard

OSINT Medium (Flamed)

Four sets of GPS coordinates with timestamps
Coordinates pointed to restaurants
Goal was to find correlations between locations
All restaurants were featured on Gordon Ramsay’s Kitchen Nightmares
A map of all featured restaurants was used
Required additional OSINT to determine which locations were still open
- Some map entries were outdated or incorrect
Observed pattern:
- Locations progressed east → west and south → north
Luigi was identified as a newer location
Lido Di and Ventura Greek (at the harbor) were identified
Final step:
- Zooming west-to-north to find a still-open location
Answer: Spin A Yarn Steakhouse
Coordinates obtained via Google Maps

OSINT Hard

Five-part question with mixed difficulty

OSINT Takeaways

Counting-based questions are error-prone
- Easy to lose accuracy through recounting or re-guessing
Recommended:
- Track questions and answers in a shared Google Sheet
For flag-based challenges:
- Answer scope is usually fixed
For numeric answers:
- Acceptable answer range may be broader

Password Hard

Based on ~1000 Star Trek episode names
Not superr hardware-intensive
Password structure:
- Episode name
- Two consecutive digits somewhere
- One or two special characters, usually at the end or beginning

Strategy

Mask attacks combined with wordlists
Nine different mask variations used
Mixed wordlists and masks to cover digit placement
Hashcat limitation:
- Masks can only be applied to one end by default
- Required workarounds for internal digit placement
Total keyspace was relatively small
Emphasis was strategic rule use, not ridiculously large rule files

Wordlist Details

Episode name variations included:
- All lowercase
- Standard capitalization
- Dashes instead of spaces
Total episode count ~1000
Collapsing variations resulted in a wordlist of ~2000 entries

Upcoming Meeting

Master Key privilege escalation
Hands-on session
Scheduled for next meeting

NCL and CTFs

Thu, 23 Oct 2025 00:00:00 +0000

What is NCL?

NCL is a CTF we compete in! (hopefully you know this by now)
Opens tomorrow (Friday) at 1 PM and runs until Sunday at 9 PM
Minimum point threshold: 300 points for us.

What’s a CTF?

CTFs are capture the flag competitions!
You’re trying to capture flags by solving challenges.
Flags have a format with numbers and letters, similar to the ICC Vehicle Hackathon format (flag–nums–letters).
When you solve a challenge, you get the flag.

About the Competition

Intended for introductory audiences, mainly students / people in education .
There are 3 different tiers (based on years of experience).
Doesn’t change the challenge itself — you’re just placed in a different pool.
Most of us will participate in the Undergrad section . Big thing: Try to get the most out of the competition, and figure out what you don’t know yet

Difficulty and Rules

Accommodates different skill levels through “ramp up” challenges (easy, medium, hard).
Easy ones are really easy
ChatGPT is allowed for this competition!
NOT allowed to work with other people!!!
That’s the only rule really. Everything else is open-book.

The “difficulty” label doesn’t always match how easy/hard it actually is — it varies. Don’t get discouraged!

NCL Categories

OSINT

Usually the easiest (includes question rules too).
Basically professional Googling .
MY PRESENTATION!! check the slides if you need a refresher :)

Cryptography

Easier questions deal with base number systems (just Google number decoders).
Harder ones get really hard , like crypto primitives (steep drop-off).

Password Cracking

Hashcat!
Harder questions require a ruleset .
Check Tyler’s pres!
Start cracking early! It takes time (run it in the background).

Forensics

A little more approachable with Linux experience .
Steganography, file recovery, etc.
Hardest questions usually use Volatility — install that.
Just have the correct tools ready!

Log Analysis

The grep category (shout out Noah).
Sort and sort list.

Network Traffic Analysis

Wireshark!!!
Viewing network traffic via packet capture files (.pcap).
Harder challenges use Scapy (a lot of outdated docs out there).
- Can usually solve with TShark + small shell script .

Scanning & Reconnaissance

Nmap my beloved
Usually gives you a VM to connect to in the web interface.

Web App Exploitation

Tons of tools: Burp Suite, Gobuster, cURL , etc.
Sometimes you’re allowed to use automated tools (they’ll let you know).

Enumeration & Exploitation

The hardest category
Even the “easy” challenges are tough.
Examples:
- Obfuscated shell scripts (PowerShell, Python) – easy
- Rust – hardest
You really gotta know what you’re doing for this one. Not easy to learn on the fly.

Other Notes

Accuracy doesn’t really matter unless you’re trying to place
You get many attempts.
Any online, non-password-protected resources are fair game.
You can use our past meeting slides!

Importance of NCL

Justifies our purpose and mission as an org.
Helps us get recognition too.
Board of Trustees namedropped us.
Governor of Michigan sent us a letter congratulating us!
As students, it gives us knowledge, helps us see where we’re lacking skills.
- Curriculum doesn’t always cover what we want to know, so this fills in the gaps.

RedTeam IDs

Thu, 25 Sep 2025 00:00:00 +0000

TODAY’S TOPIC — Red Team IDs / MIFARE Polyglot Cards !

To request: send name + image; if you sent it in time, printed IDs are ready for pickup.
Last year: printed on inkjet labels before we had a card printer.. improvements made!

Background Info…

For the RedTeam IDs → using proxmark for writing data to cards.
Two main chip vendors: HID and NXP (high-freq vs low-freq).
Our Husky cards use NFC / MIFARE Classic

Security Stuff…

MIFARE Classic is insecure. VERY Poor encryption.
- Uses the proprietary Crypto1 cypher (widely analyzed/pwned since ~2008). Very bad.
- Still commonly used in access control despite vulnerabilities.
Each card has a factory UID/serial number; this is readable and supposed to be changed.. but they don’t
Cards use sectors and keys (Key A / Key B) and contain access bits and manufacturer data.
Readers often convert UID to an upstream value (e.g., a Wiegand code) that the door controller uses to grant access.

IMPORTANT TO NOTE…

We disclosed findings to IT; they were not concerned, but do not hand out cards or impersonate others.
Stay within Tech/IT policy boundaries and avoid actions that would get the club in trouble. (Covering our asses.)

Polyglot / Multi-format Cards

A polyglot (2-in-1) card can present multiple formats (e.g., our Husky format + another).
Some readers (e.g., Schlage/Allegion) support multi-card types — nice for the organization - also nice for us… we can do a downgrade attack (we don’t need to, we already have the worst type).
readers try sector 15 as well, not sure why
move sector 1 to sector 15→ tada!

Tools

Mentioned tools: MIFARE Classic Tool (Android), Proxmark3, Flipper Zero, ChameleonUltra.
Buy the proxmark3 off of alibaba.
Equipment is available to check out through RedTeam (return like library items).

Audience Time!!

Take out your husky cards and flip it! (back numbers → facility code & card number are printed/readable).
Our card numbers are straight up printed , if you read someones’ card number you could hypothetically make a copy of their card (don’t do this)

Password Cracking

Thu, 18 Sep 2025 00:00:00 +0000

TODAY’S TOPIC — PASSWORD CRACKING!

What is a hash?

Deterministic function: same input → same output every time.
One-way: designed to make inversion computationally difficult (but not impossible for weak hashes or weak passwords).

What is a salt?

Random data unique to each password, combined with the password before hashing.
Prevents attackers from using precomputed lookup tables or quickly identifying repeated passwords across accounts.

Common hash types mentioned

MD5, SHA-1, NTLM — older, faster, easier to brute force; useful for learning/CTFs but not recommended in other contexts.

Rulefiles

Rulefiles define transformations applied to dictionary candidates (e.g., append numbers, replace letters).
You usually want to find a happy medium between a large wordlist + small rulefile (and the inverse)
Performance: applying rules multiplies the number of candidates to test (linear scaling with rule count).

Wordlists

Collections of candidate passwords aggregated from leaks/breaches (e.g., rockyou.txt). Useful for detecting weak or commonly-used passwords.

Piping / streaming

Advanced workflows use stdin/stdout piping to stream candidates into Hashcat

Attack modes (Hashcat)

-a flag selects attack mode (dictionary, combinator, mask, hybrid, etc.).
Most common: dictionary attack + rulefile applied.

Performance / Exhaustion

Time ≈ wordlist_size × rule_count × cost_of_hash_algorithm (very simplified).
Status: exhausted in Hashcat indicates the entire space defined by the wordlist + rulefile has been tested.

4) Demo (notes)

Wordlist used: rockyou.txt (common demonstration dataset).
Rulefile used: best64 (simple, commonly-used rulefile).
Approach shown: dictionary (rockyou) + best64 rules — tradeoffs: very large wordlist + small rulefile vs small wordlist + large rulefile. Aim for a middle ground based on target.

tldr

Hashes are deterministic cryptographic functions that map an input (password) to a fixed-size output. They don’t store plaintext, hashes are designed to be one-way.
Good cryptographic hash functions have very low probability of collisions (two different inputs producing the same output).
Salt = a per-password random value appended or prepended to the password before hashing. Salts prevent effective use of precomputed tables (rainbow tables) and make identical passwords produce different hashes.
old hash algorithms (e.g., MD5, SHA-1, NTLM) are faster to crack and are commonly used in CTFs or legacy contexts.
Modern password hashing schemes are just better
Hashcat basics: use -a to set attack mode – dictionary + rulefile combinations. Performance scales with wordlist sizexrule countxhash complexity.

Intro to RedTeam & OSINT

Thu, 11 Sep 2025 00:00:00 +0000

For kdayers – those who are new

We are redteam duh

We do meetings 😛 Competitions - NCL

Even host our own..????

Conferences :3

Defcon
Cyphercon
POINT BASED SYSTEM!
- Depending on how u participate with the org u will get points
- Use the points for merch ,priority list for conferences if ur active w / the org

IF U MET US AT KDAY WE SAID .. ALL THIGNS SECURITY! What is security???

We cover cybersec topics from major
- Network security
- Progrm security
And this that follow outside of this
- Osint, social engineering, physical security,, password cracking, wireless security (radio frequencies not just wifi– talk from last week) EVERYTHING COVERED IN NCL
- Eboard will teach u this stuf :3

Onto OSINT by Anika!

OSINT = Open Source INTelligence
- Basically professional Googling/stalking
Some useful OSINT resources
- Google dorking
- OSINT framework
- Check Instagram follows/likes
Now, use your OSINT skills and try to find info about Anika!
- Middle name
- Where she lives
- Usernames
- Etc
Get RedTeam stickers as a reward!

Wrapping up

NCL registration is open!
- I highly recommend signing up!
What do you want the next meeting to be about?
- Password Cracking
- Web Application Exploitation
- Network Security
Register for NCL and vote for the next meeting here!

Hacking Wireless Microphones

Thu, 04 Sep 2025 00:00:00 +0000

Noah starts off meeting

Introduction on Alex
- Will give a talk on hacking wireless mic packs
RedTeam will be at K-Day!

Hacking Wireless Microphones by Alex and Dane!

Goal for talk
- FCC regulations
- FM
- Squelch
- Roadblocks along the way
Who we are
- Alex
  - CpE
  - WMTU
  - SLS
  - HARC (Husky Amateur Ham Radio Club)
- Dane
  - MET
  - Involved in most of the same things as Alex
  - “Shower connoisseur"
FCC fines are not cheap, know what you would be getting into before breaking any
GNU Radio files from demo will be available after the talk
- If you are concerned about legality of using any of them, feel free to ask Alex/Dane
SDR vs Standard Radio
- SDR
  - “Best thing since sliced bread”
  - Less efficient than standard radios
  - Usually SDR’s only recieve, but they have a variant that can also transmit (the HackRF One)
- Standard Radio
  - Typically tuned for range of frequencies
  - Less features than SDRs
GNU Radio is a program to make flow diagrams to transmit/receive on SDR radios
Use it to pipe raw received signal through filters to get usable audio
- Basic demo listening to WMTU (91.9 FM, the campus radio station) with the HackRF and GNURadio
Purpose of FM vs AM and how they work
- AM is like talking louder/quieter for different frequencies
- FM is “like a guitar string vibrating” faster/slower for different frequencies
More advanced modulation demo
- Computer audio to wireless microphone receiver
  - Played quick audio from Spotify song
Methods for radio to know when to stay off
- Tone Squelch
- Digital (think binary) methods
- Other methods
Tone squelch works well for receivers to prevent noise
- Need to know senders squelch frequency if going both ways
- Usually at a set range (commonly 67Hz and a few others)
  - HARC uses 100hz for their repeater
- Prevents noise from being transmitted out the radio’s speakers
CTCSS is squelch standard
- Unfortunately demo broken at the moment (GNURadio moment)
SLX beltpacks in classrooms are being swapped to digital mic packs with “security-through-obscurity” protections
Easiest way to find the frequencies they come in on is just scan with SDR
How to emulate these microphones (OSINT!)
- FCC database search
  - All wireless devices sold in the U.S. have a FCC ID printed on them somewhere
  - Pleeeease check FCC frequencies and legality of transmitting on certain frequencies
Roadblock 2: FM deviation, essentially volume, Crunchy audio coming through
- Nyquist–Shannon sampling theorem
  - Sounds scary
  - Actually just means sample rate of audio must be at least double the bandwidth of the signal to avoid “aliasing”
    - Quick demo of what audio aliasing sounds like
Cloning Noah’s voice :D
- Recorded samples of Noah’s voice from the mic pack in last week’s meeting on Hacker Culture
- Ran through AI voice model
- Can now speak and have the output audio sound just like Noah’s voice
- Can now re-inject this deepfaked-audio back into the audio system by pretending to be one of the mic packs
- Now everyone can hear the audio from this fake “Noah” on the speakers!
Closing
- That’s all we have for today!
- RedTeam has the HackRF One that was used in this demo in the RedTeam Toolbox!
  - You can check it out from the Toolbox, and use Alex/Dane’s GNURadio scripts to mess around with the technology yourself
- Come see our booth at K-Day!

Hacker Culture

Thu, 28 Aug 2025 00:00:00 +0000

About Us

First 2 meetings = intro; then shift into structured cybersecurity topics.
Activities:
- Competitions (CTFs, NCL)
- Mini challenges (file recovery, exploits)
- Workshops & hands-on labs (e.g., Weigand systems, lockpicking)
Possible goal: host our own competition.
Attendance = higher priority for trips/events.

Leadership

Noah – President
Ethan – Vice President
Dane – Treasurer
Anika – Secretary
Tyler – CTF Chair

TODAY’S TOPIC – Hacker Culture

Definition

Original: Making unrelated things work together.
Modern: Breaking ciphers, bypassing security.
Information wants to be free mentality
Debate: “hacker” vs. “cracker.”

History

Roots in MIT Tech Model Railroad Club (1940s–60s).
Grew into computer tinkering, lockpicking, puzzle-solving.
MIT AI Lab → CSAIL was a major hub.
Tools/resources: Jargon File, MIT Lockpicking Guide.
Parallels: Urbex explorers, ham radio enthusiasts.

Decline

Institutional crackdowns (CFAA, CCTV, stronger security).
Media portrayal = hackers as “villains.”

Revival & Today

Internet (BBS, IRC, textfiles.com) rekindled culture.
DEF CON (since 1993) → major hub (attendance limited, costly).
Modern groups: niche forums, Urbex, tinkering communities.

Upcoming Events

Next Meeting: Alex presenting exploit on tech wireless mics.
- Live demo + downloadable scripts/tools.
Resources:
- Slides & meeting minutes uploaded regularly.
- Workshop materials also shared for practice.

Web App Exploitation

Thu, 03 Apr 2025 00:00:00 +0000

Articles Discussed:

none

Talk: Web App Exploitation by Izzy

Announcements:

None

Physical Village Demo (eBoard Elections!)

Thu, 27 Mar 2025 00:00:00 +0000

Articles Discussed:

None

Talk: Physical Village Demo! (no presentation)

Announcements:

Elections today!
Congrats to the new E-board:
- President: Noah H.
- Vice Pres: Ethan N.
- Secretary: Anika A.
- Treasurer: Dane C.
- CTF Chair: Tyler O.

Creating RedTeam IDs

Thu, 13 Mar 2025 00:00:00 +0000

Articles Discussed:

none

Talk: Creating RedTeam IDs by Noah Holland

Announcements:

Attendance is in full effect!
Other announcement!
- Eboard nominations are open!
- Please nominate anyone you would like for any eboard position.
- Eboard roles are for a year long position, so if you are graduating in the Fall we request you do not run.
- Elections will now be week 11, we changed the consitiution bc week 13 left very little turnover time for new eboard members

Jeopardy OSINT

Thu, 20 Feb 2025 00:00:00 +0000

Articles Discussed:

Talk: Jeopardy OSINT!

Announcements:

New attendance policy!
- Starts week 8
- Will be a factor for future trips

Master Key Systems

Thu, 13 Feb 2025 00:00:00 +0000

Articles Discussed:

none

Talk: Master Keys by Noah Holland

Only 5 attendees showed up (to our 4 volunteers) ;( -NH

Announcements:

none

Social Engineering

Thu, 09 Jan 2025 00:00:00 +0000

Articles Discussed:

None

Announcements:

Welcome back!

Artificial Intelligence

Thu, 14 Nov 2024 00:00:00 +0000

Articles Discussed:

Talk: Artificial Intelligence

Announcements:

small meeting next week
- Likely hacker jeopardy or a movie

Intro to Linux

Thu, 07 Nov 2024 00:00:00 +0000

Articles Discussed:

None

Talk: Intro to Linux by Noah Holland

Announcements:

Physical Security Demo

Thu, 24 Oct 2024 00:00:00 +0000

Articles Discussed:

None

Talk: Physical Security Demo, no presentation

Announcements:

NCL Individual game opens tomorrow
- Have fun!
- Make sure to submit at least 1 flag

Digital Forensics

Thu, 10 Oct 2024 00:00:00 +0000

Articles Discussed:

Internet Archive was hacked!

Talk: Digital Forensics by Mason Staedt

Announcements:

US Cyber Challenge
DOD Smart Scholarship
- Full ride + stipend
- Apply before Dec. 1st

NCL Prep

Thu, 03 Oct 2024 00:00:00 +0000

Articles Discussed:

Talk: NCL Prep by Ethan Norush

Announcements:

Sign up for NCL
- Closes 10/11
Join EPT

Network Segmentation through SIMS

Thu, 26 Sep 2024 00:00:00 +0000

Definitely did not forget to do this….

Talk: Network Segmentation through SIMS by Ed Jankowski

Articles:

No articles discussed

Announcements:

Register for NCL
Up Cybersecurity summit next week!

Resume Overview

Thu, 19 Sep 2024 00:00:00 +0000

Go to Career Fair!

Articles Discussed:

Talk: Resume Overview

Announcements:

Consider Senior Design Project eCTF
- form here
NCL interest form, closes Sunday
- NCL Form

OSINT

Thu, 12 Sep 2024 00:00:00 +0000

On this episode of Bottom Gear we: found funny memes, doxxed a good friend, and won t-shirts!

Articles Discussed:

Talk: OSINT by Izzy Gatti

Announcements:

Guest speaker next week!
- Network Segmentation and Automation by Ed Jankowski
eCTF - 2 Senior Design credits
- Fill out this form if you’re interested

Inventory Overview & Demos

Thu, 05 Sep 2024 00:00:00 +0000

Articles discussed:

Become an airline pilot for free!

Talk: Inventory Overview by Izzy Gatti

Summary:

Josh has a cool internship opportunity!
- Cybersecurity intern out of L’Anse
- Email jomsteve@mtu.edu with your resume to set up a short screening interview.
Inventory! We have it, you want it!
- Check out procedure
- Link to our inventory

Demos:

HackRF by Dane
- used the HackRF to speak through the computer system’s speakers
WiFi Pineapple by Carter
- Set up a rogue access point and redirected connected devices to a webpage
- Technical Documentation for the WiFi Pineapple

Introduction to RedTeam

Thu, 29 Aug 2024 00:00:00 +0000

Welcome (back) to RedTeam!

Articles Discussed:

None

Talk: Introduction by Izzy Gatti

Announcements:

We need a bank account, and we are RedTeam at Michigan Tech Uni.
New Expectations
- Things like: new slides, more social aspects, and all skill accessibility
CRAM
- Yu Cai sent this Navy challenge
- $125,000 prize pool!
- Submissions due Sept 8, 2024
MTU CTF
- Please join if you’re interested (contact @Ethan N or myself)
- Date TBD

Village Demo (No Talk)

Thu, 28 Mar 2024 00:00:00 +0000

Articles Discussed:

Talk: No talk tested the village our team made for CyperCon >:)

Announcements:

No meeting next due to CypherCon 💔
Let the officers know if you want to run for eboard
NCL individual game next weekend >:)

Capture The Flag Competitions

Thu, 21 Mar 2024 00:00:00 +0000

Articles Discussed:

Talk: Capture The Flag Competitions Ryan Klemm

Announcements:

Register your key for ncl or you will have to pay for your keys next semester
NCL practice game starts Monday at 1pm
If you want to run for any of the positions message one of the officers
No meeting April 4th for CyperCon

Incident Response Stuffs

Thu, 14 Mar 2024 00:00:00 +0000

Articles Discussed:

Talk: Incident Response Stuffs by Gina Adragna

Announcements:

NCL Keys have been release, please register :)))
CyperCon roster has been released

Threat Analysis & Risk Assessments

Thu, 07 Mar 2024 00:00:00 +0000

Articles Discussed:

Talk: Threat Analysis & Risk Assessments by Gina Adragna

Announcements:

Watch email for NCL keys
CTF Workshop on Sunday! 2-4pm every Sunday in Rekhi G06
Fill out Cypher con interest form!
Look out for cyber seed capture the flag on March 23rd

Movie (Cancelled)

Thu, 22 Feb 2024 00:00:00 +0000

Only four people showed up so no movie but don’t forget to fill out the ncl form!

Operating System Security

Thu, 15 Feb 2024 00:00:00 +0000

Articles Discussed:

Talk: Operating System Security by Ryan Klemm

Announcements:

Fill out this form to sign up for NCL for free so you can access the gym!
Go to Ctf workshop!! It’s this Sunday 2-4pm in Rekhi G05

Career Advice

Thu, 01 Feb 2024 00:00:00 +0000

Articles Discussed:

Talk: Career Advice by Gina Adragna

Announcements:

Fill out this survey to help officers make club decisions!
Go to Ctf workshop!! It’s this Sunday 2-4pm in Rekhi G05
Apply for SFS, only 1 month left
No meeting next week due to Carni

GPS and AIS Spoofing

Thu, 25 Jan 2024 00:00:00 +0000

Articles Discussed:

Lol Tesla autopilot had a zero day :)))

Talk: GPS and AIS Spoofing by Gina Adragna

Announcements:

Fill out this survey to help officers make club decisions!
Go to Ctf workshop!! It’s this Sunday 2-4pm in Rekhi G05

Penetration Testing

Thu, 18 Jan 2024 00:00:00 +0000

Articles Discussed:

BGP havoc!

Talk: Penetration Testing by Ryan Jaklic

Announcements:

Fill out this survey to help officers make club decisions!
Ctf workshop this Sunday 2-4pm in Rekhi G05
Ectf starting up talk to Ryan if you need more information
Look out for NCSA pent test email from Gina
NCL gym opens at the end of this month

Offensive Security in Production Enviornments

Thu, 11 Jan 2024 00:00:00 +0000

Articles Discussed:

Talk: Offensive Security (in a Production Environment) by Gina Adragna

Announcements:

Ctf workshops this semester! Fill out form to suggest what time the workshops will be
Fill out NCSA form if you want to do some pen testing!
Let Ryan know if you want to do the ectf
Pick up your merch! Next week is the last week to pick them up
Conference trip is in the works!
Apply for cybercorps scholarship!!!

Hacker Jeopardy

Thu, 07 Dec 2023 00:00:00 +0000

The Detroit Loins won Hacker Jeopardy 😦

Also fill out Ryan’s forms about ctfs!!!

Good luck on finals!!!

Hijacking Wireless Microphones (and Cloning Voices)

Thu, 30 Nov 2023 00:00:00 +0000

Articles Discussed:

Is business in your cybersecurity company low? Well read this article to get good business ideas :))))

Talk: Radio Project by Alex and Dane

(Link has not been posted yet)

Announcements:

Inventory Check-Out: if you want to check out some of RedTeam’s tools, talk to a RedTeam Officer
Take SAT4997 to get a tech elective credit for participating in RedTeam and NCL
Ectf registration opens soon so look out for a google form on the discord soon. Probably will need to meet once a week next semester.
Look out for a google from on discord about workshops for CTF skills
Next meeting we will finish the movie!
Let leadership know if you want to be apart of a RedTeam committee

Registering for SAT4997

Thu, 16 Nov 2023 00:00:00 +0000

Instructions if you’d like to register for SAT4997

Let an officer know if you get registered

Wireless Security

Thu, 09 Nov 2023 00:00:00 +0000

Articles Discussed:

Talk: Wireless Security by Gina Adragna

Announcements:

Let Gina know if you are not on the Mailing list!
Next week will be hacker jeopardy or 90s Hackers movie. Click this link to vote!

Linux Fundamentals

Thu, 26 Oct 2023 00:00:00 +0000

Articles Discussed:

Flipper zero DDOS?

Talk: Linux Fundamentals by Ava Gullitti

Announcements:

Check the ncl team spreadsheet to see what ncl team you are on! Submit a flag for the team game or you will get banned!
Secretcon is next week! No weekly meeting!
Merch order! Will stay open till about week 9 to 10!

How to Think About (Modern) Cryptography

Thu, 12 Oct 2023 00:00:00 +0000

Articles Discussed:

Talk: How to Think About (Modern) Cryptography by Ryan Klemm

Funny video that came up during the talk

Announcements:

No meeting next week 😦
Secretcon people need to buy their ticket, the air bnb has been booked!
Submit a flag for NCL practice game and regular game or else you will get banned!
Merch order! Will stay open till about week 9 to 10.

NCL Prep

Thu, 05 Oct 2023 00:00:00 +0000

Articles Discussed:

Talk: NCL Prep by Ryan Klemm

https://drive.google.com/file/d/1_vwVBAYudcM4_nWBzsgsS3f6ba5SrJ7b/view?usp=drive_link

Announcements:

Sign up for NCL and put your leader board name in the spreadsheet by tomorrow or you are going to get banned! :0
Merch order! Plz buy stuff because the prices will go down. <///><
If you want to be a mentor or mentee let leadership know 🙂

Social Engineering

Thu, 28 Sep 2023 00:00:00 +0000

Articles Discussed:

Announcements:

Sign up for NCL if you want a free ticket! Form closes this week 😦
Merch order!
If you want to be a mentor or mentee let leadership know!
Look out for Ectf sign up soon ( - _ - )
Look out for this semester’s conference sign up. It will be released either tonight or tomorrow. The conference will be in Week 10 in St. Paul, Minnesota. The form will close next Friday and will be release on discord first \(0o0)/

CFAA & Other Stuff

Thu, 21 Sep 2023 00:00:00 +0000

Articles Discussed:

Talk: CFAA & Other Stuff by Gina Adragna

Announcements:

Sign up for NCL if you want a free ticket! Form closes soon 😦
This weekend a group is planning on working on vsCTF this Saturday. Meet in Rekhi 101 and keep your eye on capture-the-flag channel if you are interested :3)
Look out for Ectf sign up soon
Look out for this semester’s travel conference info next week (0o0)/

Cybersecurity Career Advice and Resume talk

Thu, 14 Sep 2023 00:00:00 +0000

Articles Discussed:

Talk: Cybersecurity Career Advice and Resume talk by Gina Adragna

Announcements:

GRRCON CANCELED! Leadership is working on a different conference later in the year.
Career fair this Tuesday good luck!

Cybersecurity in the Workforce

Thu, 07 Sep 2023 00:00:00 +0000

Talk: Cybersecurity in the Workforce by Gina Adragna

Articles Discussed:

Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

Reminders:

Career Fair meeting next week!
Fill out Grrcon (closes next Friday) and NCL (closes end of the month) forms

Welcome to Redteam

Thu, 31 Aug 2023 00:00:00 +0000

Talk: Welcome to Redteam by Gina Adragna

Articles Discussed:

University of Michigan security issues
Conninutcut hospital hacked

Reminders:

Meetings every Thursday 6-7pm in Rekhi G05
Join discord, involvement link, and mailing list for current info and to send articles/chat
Let Ryan (CTF coordinator) know if you are interested in the ectf (https://ectf.mitre.org/)

Hacker Jeopardy

Thu, 20 Apr 2023 00:00:00 +0000

We revised the constutition!

The new copy can be found in the RedTeam drive, in the Documentation folder (https://docs.google.com/document/d/15Ca5SyrwL6VLAGGn4BcyVg_x_7zb3qCE/edit?usp=sharing&ouid=113794027745459900632&rtpof=true&sd=true).

News:

Discord ChatGPT bot

Hacker Jeopardy

Securing Large Language Models (+eBoard Elections!)

Thu, 13 Apr 2023 00:00:00 +0000

Reminders:

Join your NCL Team tonight!! Don’t ignore DMs, look at the Google Sheet if you’re confused.
CyberTruck applications are open (http://www.cybertruckchallenge.org/)

News:

Classified documents leaked over Discord
RCE vulnerability over radio module

Talk: Securing Large Language Models (Sophia Kraus)

New E-Board:

CTF Chair: Ryan Klemm
Secretary : Ava Gullitti
Treasurer : Giovanni Bommarito
Vice President: Ryan Jaklic
President: Gina Adragna

Wireless Security

Thu, 06 Apr 2023 00:00:00 +0000

Reminders:

NCL Team Game is April 14-16th. Check the sheet to make sure all your info is in, and let me know what type of team you prefer to be on (https://docs.google.com/spreadsheets/d/1nhFSGfnwp_cjhNZBtSbexE8qkmpxfeEt2CzZldBCEfI/edit#gid=0)
E-Board elections next week. Let an officer know if you’d like to run

News:

Drug manufacturer ransomware
Ford car auto-repossession patent
ChatGPT deepfake fear
RESTRICT Act (TikTok ban bill)

Talk: Wireless Security (Gina Adragna)

Power Grid Security

Thu, 23 Mar 2023 00:00:00 +0000

Reminders:

NCL Practice game open until Sunday, 9pm
If you’re going to CypherCon, check the driving sheet and make sure you’re in contact with your driver
E-Board elections soon, let an officer know if you’re interested in running

News:

aCropalypse - Google Pixel & Windows Snipping Tool have same truncation bug
Russia-affiliated data breach against members of US Congress
Youtube channels hacked (including LinusTechTips)
Bitcoin ATM 0-day ($1.5 million)
Minneapolis school district ransomware, data breach published

Talk: Power Grid Security (Sophia Kraus)

Andy Brush from DTMB Cyber

Thu, 16 Mar 2023 00:00:00 +0000

Reminders:

Register with your NCL keys by tomorrow night!
If you got the CypherCon email and didn’t come to the meeting, please contact an officer
If you are willing to / planning to drive to CypherCon, let us know so we can setup carpools

Talk: Guest Speaker - Andy Brush from DTMB Cyber (BrushA1@michigan.gov)

Steganography

Thu, 23 Feb 2023 00:00:00 +0000

Reminders:

CyberSEED/NCL Form (March 1st)
CypherCon From (March 3rd)
Check #announcements for form links
If you’re interested in SFS, application deadline is March 1st (https://mtu.edu/sfs/)

News:

EU TikTok
NSA Home Network Guidelines
Apple Vulnerabilities
Meta & Twitter locking security features behind paywalls

Talk: Steganography (Ryan Klemm)

Cybersecurity Worker Shortage

Thu, 02 Feb 2023 00:00:00 +0000

Reminders:

No meeting next week!
If you’re interested in SFS, application deadline is March 1st (https://mtu.edu/sfs/)

News:

Malicious npm & PyPi packages
GoodRx leaking customer PHI to Google & Facebook
Power grid vulnerable to malicious EV charging systems
ChatGPT acting as an interviewer

Talk: Cybersecurity Worker Shortage (Gina Adragna)

AI & Cybersecurity

Thu, 26 Jan 2023 00:00:00 +0000

Reminders:

Intro to Web App Security presentation next Thursday 4-5:30pm (https://events.mtu.edu/event/intro_to_web_app_security)
Pick up T-Shirts if you haven’t

News:

TSA No-Fly List leaked
Adobe AI art copyright issues
LastPass leak updates
Hive ransomware gang infrastructure seized by DoJ
T-Mobile data breach

Talk: AI & Cybersecurity (Ryan Klemm)

CFAA & Other Legal Stuff

Thu, 19 Jan 2023 00:00:00 +0000

Reminders:

t-shirts are in

News:

GitHub code spaces RCE vuln
Twitter data breach(es)
Mailchimp data breach
Microsoft Azure RCE vuln
War Thunder forum F-16 leaks
TP-Link router buffer overflow vuln
University of Texas blocking TikTok on campus wifi

Talk: CFAA & Other Legal Stuff (Sophia Kraus)

Incident Response

Thu, 12 Jan 2023 00:00:00 +0000

Reminders:

t-shirts are in

News:

ChatGPT aid in Phishing Campaigns
Cyber attacks against Ukraine considered war crimes
Siemens PLC Vulnerbility

Talk: Incident Response (Sophia Kraus)

Hacker Jeopardy

Thu, 08 Dec 2022 00:00:00 +0000

News:

Remote Car Start Exploit

Talk: Hacker Jeopardy

Threat Analysis and Risk Assessments

Thu, 01 Dec 2022 00:00:00 +0000

News:

MTU Forestry building theft
US Defense Contractors not meeting cybersecurity requirements
Australian govt fining companies for data breaches

Talk: Threat Analysis and Risk Assessments (Sophia Kraus)

Cyber Warfare v. Cyber Crime

Thu, 10 Nov 2022 00:00:00 +0000

Reminders:

SUBMIT GRRCON FORMS BY TOMORROW
Fill out updated merch form (https://forms.gle/unBBh6p2nG8tDFUE6)

News:

Oil & Gas Infrastructure Exploit
Possible cyber attack on NY county voting system

Talk: Cyber Warfare v. Cyber Crime (Ryan Jaklic)

Cybersecurity Awareness Training

Thu, 03 Nov 2022 00:00:00 +0000

Reminders:

GRRCON REIMBURSEMENT
Don’t forget to check your NCL teams (BY MIDNIGHT TONIGHT) https://docs.google.com/spreadsheets/d/1V89HqnwkDDGKuPBPI_qZo8iUHkgvQ7ZkM0IJoX3es48/edit#gid=0
Merch form (again, even if you already filled it out) https://forms.gle/unBBh6p2nG8tDFUE6
DM an officer if you are interested in CTF development

News:

OpenSSL vulnerability
Federal cyber validation for elections
Vehicle cybersecurity demostration from Army GVSC, GRIMM, MI state police
Japanese hospital ransomware attack

Talk: Cybersecurity Awareness Training (Sophia Kraus)

Hardware Reverse Engineering

Thu, 27 Oct 2022 00:00:00 +0000

Reminders:

Put NCL score in sheet (https://docs.google.com/spreadsheets/d/1V89HqnwkDDGKuPBPI_qZo8iUHkgvQ7ZkM0IJoX3es48/edit#gid=0)
GrrCon reimbursement
Can sign up for CS4090 Cybersecurity Competitions (Do NCL for 1 free technical elective)

News:

SQLite Buffer Overflow
Healthcare data on dark web
US Cybersecurity Goals

Talk: Hardware Reverse Engineering (Sophia Kraus)

Preventative Security

Thu, 20 Oct 2022 00:00:00 +0000

Reminders

tshirts have been ordered
NCL individual games this weekend
For those who attended GrrCon turn in the reimbursement form to Tom as soon as possible

Talk: Preventative Security (Gina Adragna)

NCL Prep

Thu, 06 Oct 2022 00:00:00 +0000

Reminders:

Activate your NCL keys by Sunday!! (#ncl-fall-2022)
If you’re going to GrrCon, check which car you have been assigned to on the driving sheet
Flare-On is ongoing if you like reverse engineering

News:

LA school district ransomware, 500gb data leaked
Overwatch 2 DDOS

Talk: NCL Prep (Ryan Klemm)

https://docs.google.com/presentation/d/1TNRudFeshkYQ3J0etSw3XKCGy1NJBstb/edit#slide=id.p1

Secure Coding

Thu, 29 Sep 2022 00:00:00 +0000

Reminders:

Fill out GrrCon leave time sheet and request a Dean of Students absence, if you are going
Activate your NCL keys by Oct. 9th (#ncl-fall-2022)
SekaiCTF this weekend if you’re interested - no team size limit (#capture-the-flag)
Flare-On Reverse Engineering challenge opens tomorrow - individual competiton, should be open for a few weeks
Bring a laptop to the next meeting to install NCL tools! If you already know how to install a VM/WSL, getting Kali running in some form is a good start.

News:

Large data breach in Australia (Optus)
Microsoft suspending sales in Russia
PowerPoint vulnerability to spread malware

Talk: Secure Coding (Ryan Klemm)

CAN Bus

Thu, 22 Sep 2022 00:00:00 +0000

Reminders:

Activate your NCL keys (#ncl-fall-2022)
DownUnder CTF starts tomorrow! (5:30am, ends 5:30am Sunday). Post in #capture-the-flag if you want to compete
Fill out the merch form by Friday (https://forms.gle/1wW5w1tmMMh4ByBm9)

News:

Rockstar attacked, GTA6 video leaked, source code allegedly acquired
Hyundai uses default encryption keys for firmware
Uber hacked (social engineering)
Record-breaking DDOS attack
More schools cyber-attacked

Talk: CAN Bus (Sophia Kraus)

Social Engineering

Thu, 15 Sep 2022 00:00:00 +0000

Reminders:

Fill out the NCL / GrrCon interest form: https://forms.gle/BuwR3X5kict6Sc5Q8 (CLOSING 12am 9/19)
DownUnder CTF in 1 week. Let me know if you are interested (#capture-the-flag). Low stakes, no cost or team size limit.
Merch form coming soon

Guest Speakers: Jacob Hawley & Isaac from Stellantis

They hire MTU interns for CNSA/Cybersec
They will be on campus from tomorrow through Career Fair next week

Hacking Mindset + Security Careers

Thu, 08 Sep 2022 00:00:00 +0000

Reminders:

Fill out the NCL / GrrCon interest form: https://forms.gle/BuwR3X5kict6Sc5Q8
DownUnder CTF in 2 weekends. Let me know if you are interested (#capture-the-flag). Low stakes, no cost or team size limit.

News & Articles:

New(ish) Linux Malware
School Ransomware
The Queen is dead

Talk: ‘Hacking Mindset’ and types of security careers (Sophia Kraus)

General Introductions

Thu, 01 Sep 2022 00:00:00 +0000

Introductions

General Housekeeping:

Let Soph know if you want to do a talk
NCL / GrrCon interest forms coming soon
- NCL practice game Oct. 10 - 17
- NCL individual game Oct. 21 - 23
- NCL team game Nov. 4 - 6
- GrrCon Oct. 13 & 14

Articles:

Plex hacked
Google open source bug bounty
Michigan has a shortage of cybersecurity workers (‘hotspot’ of cybersecurity)
‘Kia Boys’ stealing cars with a USB cord

Security at Scale (+eBoard elections!)

Thu, 14 Apr 2022 00:00:00 +0000

EBoard Elections

President: Sophie
Vice-President: Gina
Secretary: Ryan K.
Treasurer: Ryan J.

Security at Scale by John Preuth

IoMT Wearable Security

Thu, 07 Apr 2022 00:00:00 +0000

News and Discussion

Hackers breach MailChimp’s internal tools to target crypto customers
Authorities Fully Behead Hydra Dark Marketplace

IoMT Wearable Security by Stu Kernstock

CyberAuto, CyberTruck, and CyberBoat Challenges

Thu, 24 Mar 2022 00:00:00 +0000

News and Discussion

Arrests related to Lapsus$
CVE-2022-23121
Malicious npm packages target Azure developers

CyberAuto, CyberTruck, and CyberBoat Challenges with Karl Heimer

CAN Bus

Thu, 17 Mar 2022 00:00:00 +0000

News and Discussion

ACP UPS Zero Day
Russian Certificate Authority
Qnap nas vulnerability
Nvidia data breach
Kaspersky

CAN Bus by Sophia Kraus

Multi-Factor Authentication

Thu, 24 Feb 2022 00:00:00 +0000

News and Discussion

Russia’s Sandworm Hackers Have Built a Botnet of Firewalls
HermeticWIper
Wordpress Backup Plugin Vulnerability
IRS abandons plans to use third-party facial recognition
Nfts stolen
Ukraine cybersecurity situation

Multi-Factor Authentication by Stu Kernstock

Linux Servers

Thu, 17 Feb 2022 00:00:00 +0000

NCL interest form

Any interest in Def Con?

News and Discussion

Chrome 0 day
Doj cyber security alert
Russia hacked dod contractor
Kraken botnet

Linux Servers by Steven Whitaker

Business Email Compromise

Thu, 03 Feb 2022 00:00:00 +0000

News and Discussion

My2020 App
What Happens When Russian Hackers Come for the Electrical Grid
Log4j
Tape Storage Breakthrough

Business Email Compromise by Jack Bergman

CFAA

Thu, 27 Jan 2022 00:00:00 +0000

News and Discussion

Belarus Railway Hack
Shipment Delivery Scams Spreading Malware
Linux Pkxec PoC
IRS Facial Recognition
Children DDoSing School Districts

CFAA by Stu Kernstock

Cybersecurity Laws, Compliance, and Lobbying

Thu, 20 Jan 2022 00:00:00 +0000

News and Discussion

Beijing Olympics app
Ukraine cyber security alert
Whitehouse expanding NSA role in cyber security
Cybersecurity Maturity Model Certification
Red Cross security breach

Just a reminder that NCL is a thing but it’s pretty close to finals week. Also, anyone interested in doing some other CTFs?

Cybersecurity Laws, Compliance, and Lobbying by Gary Tropp

Incident Response

Thu, 13 Jan 2022 00:00:00 +0000

News and Discussion

Log4j
Alexa give me a challenge
Norton crypto
Raspberry Pi and electromagnetic waves
Colors and faker JavaScript libraries sabotaged
German teen hacks Tesla cars remotely

Incident Response by Stu Kernstock

Certifications (OSCP + CEH)

Thu, 02 Dec 2021 00:00:00 +0000

News and Discussion

Malware on Google app store
Security requirements for trains
China and Russia attacking satellites

Certifications by Stu Kernstock

How to fail your OSCP by Josh Stiebel
Certified Ethical Hacker by San

MQTT & Connected Devices

Thu, 11 Nov 2021 00:00:00 +0000

News and Discussion

Robinhood Breach
CMMC 2.0
Hospitals

MQTT & Connected Devices by Sophia Kraus

Kali Linux

Thu, 04 Nov 2021 00:00:00 +0000

News and Discussion

US sanctions NSO and other groups for selling spyware
Cybersecurity buzz words
Facebook shutting down facial recognition system
Squid game cryptocurrency

Kali Linux by Stu Kernstock

C2 Infrastructure

Thu, 28 Oct 2021 00:00:00 +0000

News and Discussion

NRA hacked
TLS 1.3

NCL

NCL Questions
NCL Workshop tonight (webapp)

C2 Infrastructure by Matthew Chau

DNS over HTTPS

Metasploit

Thu, 21 Oct 2021 00:00:00 +0000

News and Discussion

Bitcoin News

NCL

NCL Preseason Recap
NCL Workshops

Metasploit by Stu Kernstock

Discussing Jobs

Thu, 14 Oct 2021 00:00:00 +0000

Do your NCL preseason (at least one flag please)

News and Discussion

Lantenna Attack
Missouri Gov. Mike Parson
Nicolas Chaillian resigns

Talking about jobs

GPS and AIS spoofing

Thu, 07 Oct 2021 00:00:00 +0000

NCL Keys are out, check Discord or email.

News and Discussion

Facebook Went Down
Twitch Breached

GPS and AIS spoofing by Sophia Kraus

NMAP

Thu, 23 Sep 2021 00:00:00 +0000

Introductions

Talked about NCL, CyberBoat, and Overflow2Fall

News and Discussion

USB C in Europe
Nagios vulnerability

NMAP talk by Stu Kernstock

NCL Discussion

Thu, 02 Sep 2021 00:00:00 +0000

Introductions

GrrCon on the 16th and 17th

Talked about NCL.

Give us your talk ideas or even give a talk.

Join us on involvement link at https://www.involvement.mtu.edu/organization/RedTeam

History of Hacks

Thu, 22 Apr 2021 00:00:00 +0000

News and Discussion

China behind another hack as U.S. cybersecurity issues mount.
Linux bans University of Minnesota for sending buggy patches.
Russia’ Retro Lenin Museum still runs on Apple II Computers.

EBoard Elections

Stu is president.
Trevor is vice president.
Matthew is secretary.
Sophia is treasurer.

Join the CTF committee if you’re interested in creating challenges (dm Trevor)

History of Hacks by Stu Kernstock (ask for title)

Multi-factor Authentication

Thu, 15 Apr 2021 00:00:00 +0000

RedTeam did very well in NCL and our advisors are very happy.

Great Lakes Security Conference this weekend.

There will be many high profile speakers.
The associated CTF will have cash prices. $300 for 1st, $200 for 2nd, $100 for 3rd.

News and Discussion

FBI forcibly patching Microsoft Exchange servers.
UofM CPU Security Research.
EU closer to banning end to end encryption.
FBI arrested man planning to blow AWS site.

Multi-factor Authentication by Stu Kernstock

NCL Team Game This Weekend

Thu, 08 Apr 2021 00:00:00 +0000

Great Lakes Security Conference next weekend

NCL Team game this weekend

News and Discussion

Facebook
Emissions Testing Company Breached

NCL Discussion

Thu, 01 Apr 2021 00:00:00 +0000

BlueTeam meeting (April 1st)

NCL Discussion

Cyber Auditing

Thu, 25 Mar 2021 00:00:00 +0000

NCL Preseason discussion

News and Discussion

ACER hit by ransomware
US treasury advisory from October
Flagstar data breach

Cyber Auditing by guest speaker Aaron Troschinetz

EV & EVSE Security

Thu, 18 Mar 2021 00:00:00 +0000

News and Discussion

Hiding files in Twitter images
Twitter hacker pleads guilty and receives a 3 year sentence
Tesla on autopilot crashes into police vehicle

EV & EVSE Security by Sophia Kraus

Experience as an External Pentester

Thu, 25 Feb 2021 00:00:00 +0000

NCL signups are live. Please fill our the form within a week since we’re on a short time frame.

https://forms.gle/q2FZFecJNkJPpE9m9

News and Discussion

Tax Seasons Ushers in Quickbooks Data-Theft Spike
Health Website Leaks 8 Million COVID-19 Test Results

My Experience as an External Pentester by Sankalp Shastry

Physical Security & Access Controls

Thu, 18 Feb 2021 00:00:00 +0000

Dr. Cai announced the new CyberCorps Scholarship for Service program at MTU. See https://www.mtu.edu/sfs/ for more information. Benefits include full-time tuition and a $25,000 stipend per year for undergraduate students. Information sessions on March 22 and 30 by the way!

News and discussion

Cybercriminal Enterprise ‘Ringleaders’ Stole $55M Via Covid-19 Themed Fraud.
France identifies Russia-linked hackers in large cyber-attack.
Cyber-attacks hit two French hospitals in one week.
Mac Malware Targets Apple’s New M1 Processor.

Physical Security & Access Controls by Trevor Hornsby

We’re also proud to announce the “Great Lakes Security Conference” which will be hosted in partnership with NCSA and WolvSec. There will be many high-profile speakers, but if you can recommend anyone let us know. The original RedTeam@MTU and NCSA CTF will be moved to occur during the conference. The conference should be around April 16-18. More information to come.

Winter WonderHack CTF is this weekend. There’ll be prizes for the top teams and possible extra credit for all participants in some classes.

Why Cyber Security People Get Paid

Thu, 11 Feb 2021 00:00:00 +0000

News and discussion

COMB breach
New malware from Chinese APT
Michigan state police cannot use messaging app Signal.
Emotet reverse engineering
Water treatment plant hack

Winter Wonder Hack next weekend. RedTeam will be hosting a CTF so please participate.

Why Cyber Security People Get Paid by Stu Kernstock (a talk about compliance)

Log Analysis

Thu, 28 Jan 2021 00:00:00 +0000

Stu gave some more details on Winter Wonder Hack (WWH) and the NCSA CTF. We’re taking name suggestions for the WWH CTF by the way.

News and Discussion

Emotet Offline after Base of Operations Raided
Apple Warns of 3 IOS Zero Days
Campaign Against the Infosec Community

Log Analysis and Stuff by Stu Kernstock

Winter Wonder Hack & NCSA CTFs

Thu, 21 Jan 2021 00:00:00 +0000

Stu went over the Winter Wonder Hack CTF and NCSA CTF which RedTeam will be hosting (in partnership with NCSA for the latter).

Soph is also looking for budget suggestions. So message her if you have any ideas for cool things RedTeam could acquire, although the budget is basically done by the time I published this.

News and Discussion

Biden’s Peloton Exercise Bike
Malwarebytes Hack
Raindrop Malware
Michigan Tech lore about Sauna John and the Pikachu hats

Machine Learning and cool things you can do with it by Steven Whitaker

Talk from NCSA

Thu, 14 Jan 2021 00:00:00 +0000

Charlez from Networking Computing Student Association (NCSA) stopped by to talk about his organization. They have meetings on Tuesdays at 7:00pm.

Upcoming Events

BambooFox CTF
Winter Wonder Hack CTF
RedTeam + NCSA CTF

If you want to be on a CTF committee contact Stu directly. The committee may be involved with designing challenges for the WHH or RedTeam + CNSA CTF), developing infrastructure, or other tasks.

You should check out CS 4090 if you plan on participating in National Cyber League (NCL).

Make sure to contact Trevor if you have not gotten your mask yet.

News and Discussions

Solarwinds Attack
FireEye
Parler Web Scraping

Business Email Breach Response

Thu, 10 Dec 2020 00:00:00 +0000

Today the alumni: Jack, John, and Trevor, were also present which is of note due to Jack giving a talk today.

News and Discussion

Shane H. got phished through Steam
Google Drive Worm of 2017
FireEye Cybersecurity Firm Breached
Account Hacking Site OGUsers Hacked Again
How FBI tracked Twitter hackers

Business Email Breach Response By Jack Bergman

Breach Overview
Mergers and Acquisition Leading to Compromise
Misconfigurations and Pitfalls
Business Email Compromise
A Twist and Uncharted Territory
Explaining the Operation and Guilty Conscience
Lessons Learned

Ghidra Tools and Functionalities

Thu, 03 Dec 2020 00:00:00 +0000

News and Discussion

Massachusetts on the verge of banning police use of facial recognition
ACLU suing DHS, CBP, and ICE
Cyber Law and Policy.
US military buying location data harvested from popular Muslim apps
Balitmore Public School District hit by Ransomware
New Tesla Car Bluetooth Attack

Introduction to the Ghidra SRE Suite of Tools and its Functionalities By Dakoda Patterson

New RedTeam Discord bot by the way

Kahoot

Thu, 19 Nov 2020 00:00:00 +0000

Advisors are happy with our performance in NCL

News and Discussion

Platypus attack on Intel CPUs
San posts a lot of articles
Blue is the color of security

To the Kahoot game!

Guest Speaker from CISA

Thu, 12 Nov 2020 00:00:00 +0000

Special guest Kelley Goldblatt

Cybersecurity advisor for Michigan and Ohio with the Cybersecurity Infrastructure Security Agency (CISA)
spoke and took questions at today’s meeting.
See https://www.cisa.gov/protect2020 or #protect2020 for more information
Got more questions? Ask Kelley.Goldblatt@hq.DHS.gov

Social Engineering

Thu, 05 Nov 2020 00:00:00 +0000

News and Discussion

Disclosure of Chase Rewards Points exploit
Criminals using Google Drive to infect hospitals with ransomware

What is it?
Stages of Attack
Many different techniques
Protection Methods

NCL team game this weekend

Starts 1pm on Friday

Hashes and Password Cracking

Thu, 29 Oct 2020 00:00:00 +0000

News and Discussion

Windows will remove Adobe Flash in a future update
Among Us Hacking Campaign
Russian Ransomware Campaign on U.S. Healthcare Sector

Hashes and Password Cracking by Stu Kernstock

What’s a hash?
Different hashes
The different tools
Crackstation
Hashcat
John the Ripper
Ophcrack
Aircrack-ng

NCL Team Game

Team game is upcoming
Direct message Stoo if you are interested in a Team Captain role or a more competitive/educational team.

NCL Discussion

Thu, 22 Oct 2020 00:00:00 +0000

Meeting minutes are pretty short due to discussion being open ended.

News

The President’s Twitter account was reportedly compromised
NSA’s publishes list of top 25 vulnerabilities currently targeted by Chinese hackers

NCL Discussion

Cryptography
OSCINT
Network Analysis
Etcetera.

Hardware Reverse Engineering

Thu, 08 Oct 2020 00:00:00 +0000

Fill out the mask design form if you are planning to buy one.

News and discussions

Hacker Uploads Own Fingerprints to Crime Scene
Mercenary Hackers in the Middle East

Hardware Reverse Engineering by Sophia Kraus

Hardware hacking procedure
Applications in forensics
Using X-Rays for PCB analysis
Acupuncture
Basic tools
Questions?

NCL Questions?

Intro to Enumeration & Exploitation

Thu, 01 Oct 2020 00:00:00 +0000

NCL codes are out, please redeem them. We will also have a NCL informal workshop on Saturday starting at noon for a few hours. We’ll go over methods for gym challenges.

News

InterPlanetary Storm Botnet
Emotet Stikes Thousands of DNC Volunteers
NFL and NBA players hacked
Universal Health services hit by cyberattack leading to 4 deaths
Detecting Deep Fakes with a Heartbeat

Introduction to Enumeration & Exploitation by Dakoda Patterson

Python and C Environments
Pycharm
Gcc on Linux
Uncompiled Python
Decompiling Python
GDB, the GNU Debugger
Assembly x86
Objdump
Ghidra
Live demo

News and Random Discussion

Wireless Security

Thu, 24 Sep 2020 00:00:00 +0000

The initial purchase of NCL keys is being finalized as we met with our advisors tonight. Keys after the initial purchase are not guaranteed to arrive quickly.

News

Flaw in millions of IoT devices
Net logon vulnerability is still out there
APT41 Operative Indicted
Fileless malware
Gaming industry and cyberattacks
Alien Android Banking Trojan
Medical institutions lack security
Government compliances and audits

Wireless Security by Matthew Chau

WEP History
Attacking WEP
WPA History
Attacking WPA
Other wireless attacks
Protected management frames

Meeting ends at 6:45pm

Wireshark

Thu, 17 Sep 2020 00:00:00 +0000

Fill out the form on NCL and masks (https://forms.gle/BEeR4csgQcB1Gu5q6)

To prepare for NCL you can check CTF resources, ask questions, or look through past CTFs. In addition, once NCL keys are bought and distributed, you will will have access to the NCL gym.

News

Domain Controller zero day
CISA advisory for Chinese threat actors recently exploiting old (now patched) vulnerabilities in F5 BIG-IP, Citrix, Pulse Secure, and Microsoft Exchange.
Ransomware hitting grade schools in California.
IOS 3D Pixar arbitrary code execution.
Hospital gets hit by ransomware and a patient dies.

WireShark talk by Stu Kernstock

Installing Wireshark.
Capturing and opening packets.
Packet filtering cheat sheet.

Fiat Chrysler Automobiles Opportunities

@isaachermannstellantis8099 and @releasedtoast from FCA are here.
FCA is recruiting for security roles at career fair.
Their emails are pinned in #general if you have questions.

Meeting ends at 7:10pm

Network Reconnaissance Tools

Thu, 10 Sep 2020 00:00:00 +0000

This is the second meeting of the year and Stu starts with discussing the National Cyber League (NCL), CS 4090, and how it helps you.

NCL costs the university money, so please utilize this resource if you commit.
People skipping a semester at tech should be able to still compete in NCL.
CS 4090 is a 1 credit course, repeatable 3 times. To join the class, check the resources channel.
10/23/20 is the individual game. 11/6/20 is the team game.

Trevor then goes over CSAW, its history, and how to join.

CSAW will be taking this weekend from 9/11/20 – 9/13/20.
There is no experience required.
Please see the CTF or CSAWS Discord channels for more information.

Basic Network Reconnaissance Tools by Stu Kernstock

Basic Networking
Nmap and Zenmap
Masscan
Shodan

Please remember that accessing systems from Shodan is legal grey area, and interacting with these systems is ethically wrong. Systems may include critical infrastructure or sensitive data. There are consequences.

K-Day is tomorrow, feel free to hang out and meet new people!

Meeting ends at 7:05pm

First Meeting on Discord

Thu, 03 Sep 2020 00:00:00 +0000

This is the first meeting of the year and first official meeting on Discord.

Meeting began with introductions and ice breakers.

Shark boy and Lava girl: 7
Spy Kids: 11

News and articles time

Ex-Cisco Administrator terminated and retaliated against Cisco
Online Learning Systems DDOS’d
Michigan cyber dogs
NSA surveillance exposed by Snowden was illegal, U.S court rules
Sankalp gives a short talk on a digital forensics paper about cooling computer components to recover data.

Meeting ends at 7:00pm

RedTeam@MTU Meeting Minutes

Introduction to Radio Snooping

Talk

TODAYS MEETING … Introduction to Radio Snooping

Speaker: Tim Peters (W3TLP)

Speaker Background

Radio Snooping…

Radio Frequencies and Bands

Scanner Radios

FCC and Spectrum Use

Common Radio Services

Amateur (Ham) Radio

VHF High Band

VHF Low Band

Airband

Marine VHF

FRS / GMRS

MURS

UHF Business Bands

49 MHz Band

900 MHz ISM Band

Radio Trunking Systems

How Trunking Works

Michigan Public Safety Communications System (MPSCS)

Trunking Scanners

Police Communications

Notes

Post-meeting

Hotel Lock Hacking

Talk

TODAYS TOPIC

What is Saflok?

PACS basics (high-level)

Wiegand stuff (the value on your card)

Where Saflok fits in

Offline pacs is… not great

System 6000 & why this got bad

Card internals (high-level)

Sequencing (important concept)

Patching problems

“Ultralight C is safe”. well not really

Patents = accidental info leak

Tooling

Final plea

Workshop

Post-meeting

NCL Followup

NCL Followup

Overall Results

Scoring Breakdown

Tyler’s Section

OSINT Medium (Flamed)

OSINT Hard

Other Questions

OSINT Takeaways

Password Hard

Strategy

Wordlist Details

Upcoming Meeting

NCL and CTFs

What is NCL?

About the Competition

Difficulty and Rules

NCL Categories

OSINT

Cryptography

Password Cracking

Forensics

Log Analysis

Network Traffic Analysis

Scanning & Reconnaissance

Web App Exploitation

Enumeration & Exploitation

Other Notes

Importance of NCL

RedTeam IDs

TODAY’S TOPIC — Red Team IDs / MIFARE Polyglot Cards !

Background Info…

Security Stuff…

IMPORTANT TO NOTE…