Event Related Our CanSecWest 2012 slides on passive DNS and Picviz – picviz.blogspot.fr Alexandre Dulaunoy from CIRCL.LU and Sebastien Tricaud from Picviz Labs have been talking at CanSecWest 2012 in Vancouver, Canada, on how to scrutinize a country using passive DNS and Picviz. SyScan 2012 Singapore slides – www.xchg.info Conference and slides of SyScan 2012 [...]

Here are information security events in North America this month:   SANS Security West : May 3 to 12 in San Diego, CA USA     GRC Summit Boston 2012 : May 8 to 10 in Boston, MA USA     TakeDownCon 2012 : May 8 to 9 in Dallas, Texas USA     Secure360 [...]

Event Related Hackito Ergo Sum 2012 TALKS // Hackito Ergo Sum 2012 – 2012.hackitoergosum.org In this presentation we will cover critical aspects of web applications, and how these techniques can be used on real life scenario on big (and highly “secured”) websites. These bugs and methods will be able to assist you in your next [...]

Event Related A cyber weapon – alexmgeorge.wordpress.com At RSA 2012 Dave Aitel made a presentation wherein he defined cyber weapons a bit outside of how people normally think. The tried and true metaphor (which I admit to using) is that exploits or frameworks are like guns, and if they’re like guns then it’s easy to [...]

Event Related AppSecDC AppSecDC Recap: Old Webshells, New Tricks – novainfosecportal.com Back in the day web shells were all the rage so I was curious what “new” was happening in this area. Ryan Kazanciyan started off with a summary of some of the more poplar web shells he’s seen in the past several years. AppSecDC [...]

Event Related Pwn2Own Lesson From Pwn2Own: Focus On Exploitability – darkreading.com The Pwn2Own contest earlier this month at the CanSecWest Conference showed off the speed with which knowledgeable security professionals can code exploits for known vulnerabilities. On the failings of Pwn2Own 2012 – scarybeastsecurity.blogspot.com This year’s Pwn2Own and Pwnium contests were interesting for many reasons. [...]