BSides RDU 2019 Blog

BSides RDU was held October 18, 2019 and the theme was security dumpster fire!

Here are some locals talking about their experience at the conference.

5.22.2019 Google Plaintext Passwords

News came out yesterday, May 21, that Google had stored passwords in plaintext.

DC919 received an email notification that 2 users had a password stored in plaintext.  “Google Planned Action: for your security, starting tomorrow Wednesday May 22, 2019 PT we will force a password change unless it has already been changed prior to that time.”

Admin checked the 2 users, they had only basic email access and Last Sign In: “Hasn’t signed in”  The passwords stored were Google’s own auto-generated passwords.  Previous to today, admin had the option to view the auto-generated password for a user after reset.  Today, this is no longer an option.  DC919 always forced the user to change their password on first login.  The 2 users have been suspended and the group members the accounts belonged to have been contacted.

BSides RDU 2018 Blog

It was an exciting weekend for DC919 and other local cyber security enthusiasts alike.

On Friday and Saturday night we crammed ourselves into Basement Con ’18 where we worked hard to help prepare for the upcoming BSides RDU. It was great to see everyone working this weekend towards making our security community even more awesome.

That event is happening this Friday, October 19th, at the Carolina theatre in Durham, NC. For more information check out, registration is free, and it will surely be a great time.


We extended our enthusiasm for security into Sunday at the DC919 Digital Forensics and Incident Response class. The presenter was Michael Solomon who did a fantastic job leading the groups largest meetup to date. For this presentation the prerequisites included making sure you had two virtual machines packed with the tools necessary to work through the objectives. One virtual machine had SIFT Workstation which is a “group of free open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings” according to the SANS website that hosts the download. The other virtual machine was to be windows 7 or higher and would need several items installed on it, including FTK Imager, AutoRuns, EDD, PE Studio, and more.

The 3 main topics intended to be covered were Host based Forensic Acquisition, Malware Persistence and Timeline Analysis. Due to the time constraints we were only able to cover the first two, but Michael did a great job of making the slides available to continue, and to offer his time for those that wished to continue or had further questions. We covered a lot of topics in this class, including chain of custody, avoiding evidence corruption, file system layers, windows timestamps, evidence acquisition, encryption, the registry, malware traits, persistent locations, and how to use the tools.

After going through the foundational concepts, we progressed to the hands-on portion of the presentation, and I must say, it was thrilling! After exploring and using the tools, we ultimately were able to analyze a malware sample using autoruns and PE studio. This was awesome!

As normal, we extended into social hour at the local ‘dive’, Bralies, where we spent more time socializing and discussing current events in security and around our community.


There are several cyber security events happening soon that some of the DC919 members will be involved with. As noted earlier in this article, BSides RDU is coming up THIS Friday at the Carolina Theatre. It’s free to register, so we hope to see you there.

On Friday October 26th, the Raleigh ISSA is holding Triangle InfoSeCon. DC919 will have a booth there so make sure to stop by and see us!

Also, ntropy-unc is still hosting meetings on Mondays at UNC between 8 and 9pm. For more information check out their website

Finally, the next DC919 meeting is also going to be awesome! Our lovely Ms. Mouse will be presenting a Capture the Flag instructional demonstration on November 11th. Feel free to RSVP on the meetup page. See ya there!