Here are the information security events in North America this month:

• SANS 2009 – March 1-9 in Florida
• InfoSec World Conference and Expo 2009 – March 9-11 in Florida
• SOURCE Boston – March 9-13 in Massachusetts
• CanSecWest 2009 – March 16-20 in Vancouver

We didn’t come across any information security events in the other parts of the world, so I guess this is a quiet month for everyone else. Both the lineups at SOURCE Boston and CanSecWest seem great, and hopefully they will bring us good content as well.

We will be covering CanSecWest, so for the people that are attending, find us and say hi!

Dragos Ruiu just announced the speaker lineup for this year’s CanSecWest conference, being held next month in Vancouver Canada.
The Smart-Phones Nightmare - Sergio ’shadown’ Alvarez
Getting into the SMRAM: SMM Reloaded - Loíc Duflot
Network design for effective HTTP traffic filtering - Jeff "rfp"  Forristal, Zscaler
Ninja Scanning - Fyodor, Insecure.org
On Approaches and [...]

This post is part of the security training review project, and is by Rob (mubix) Fuller. You can find his original post and other content at his blog at Room362.
I recently obtained the status Offensive Security Certified Professional. It is one of the best courses I have ever taken. It challenged me to think and [...]

Here are the information security events in North America this month:

SANS Process Control & SCADA Security Summit – Feb 2-3 in Florida
Shmoocon – Feb 6-8 in Washington DC
Best of Open Source Security Conference – Feb 10-12 in Nevada
Black Hat DC – Feb 18-19 in Virginia

And here are the information security events in the other parts [...]

The official videos from Hack in the Box Malaysia conference are now online via torrent. There are two torrents, and you can find the the Day 1 and Day 2 videos on The Pirate Bay.
For all presentation materials, check out our previous post – HITB 2008 Malaysia Presentations.

A few months ago we mentioned that Elcomsoft was coming out with an application that utilizes Nvidia GPUs to crack WPA and WPA2 keys. That application is now available, and it can also utilize ATI GPUs as well. The $1,199 price tag is quite expensive when you compare it to pyrit, the FREE open source [...]

SQLiBENCH is an OWASP SoC 2008 project to benchmark automatic sql injectors related to dumping databases.
There’re a bunch of and great open source tools (takeover/dumpers/hybrid) for taking advantage of an sql injection vulnerability both used by web application security specialists and attackers. Techniques used, databases supported, algorithms employed and abilities implemented by these "sql injectors" [...]

Today, SANS and MITRE released their 2009 Top 25 Most Dangerous Programming Errors list.
The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because [...]

McAfee Secure published the McAfee Secure Standard last month. It is a high level overview of what test for, to determine if they are “secure” or not.
The McAfee SECURE™ standard is an aggregate of industry best practices, designed to provide a level of security that an online merchant can reasonably achieve to help provide consumers [...]

The presentations from the recent India conference, ClubHack are now online.

Hacking Client Side Insecurities by Aditya K Sood
Immune IT: Moving from Security to Immunity by Ajit Hatti
AntiSpam - Understanding the good, the bad and the ugly by Aseem Jakhar
Reverse Engineering v/s Secure Coding by Atul Alex
Network Vulnerability Assessments: Lessons Learned by Chris Goggans
Economic offenses [...]