Event Related CanSecWest CanSecWest evolving – blog.securiteam.com Let me say, right off the top, that I love CanSecWest. I am tired of “vendor” conferences, where you pay outrageous fees for the privilege of sitting through a bunch of sales pitches. At least CanSecWest has real information, as opposed to virtual information. CanSecWest Day 1 Pen [...]

Event Related RSA Conference 2012 RSA Conference 2012: Stress and burnout in infosec careers- csoonline.com IT security professionals are experiencing extreme levels of stress and burnout, but they have few places to turn for help. RSA Conference Photos- tripwire.com Here are our photos from the RSA Conference 2012. Each day of the show, we asked [...]

Resources A look at ASLR in Android Ice Cream Sandwich 4.0 – blog.duosecurity.com For the uninitiated, ASLR randomizes where various areas of memory (eg. stack, heap, libs, etc) are mapped in the address space of a process. The Ultimate OS X Hardening Guide Collection – isc.sans.edu Many security professionals tend to use OS X systems. [...]

Event Related OWASP AppSec USA 2011 Schedule/Slides/Video – appsecusa.org Schedule, slides, and video for OWASP AppSec USA 2011 – September 20-23 ShmooCon 2012 – January 27-29 – Presentations – shmoocon.org ShmooCon 2012 Presentations and Videos available here. FOSDEM 2012 – First video recordings uploaded! – fosdem.org We are pleased to announce that the first video [...]

Event Related ShmooCon Firetalks 2012 ShmooCon Firetalks 2012 – irongeek.com These are the videos I have for the ShmooCon Firetalks 2012. ShmooCon Epilogue 2012 – irongeek.com These are the videos I have for ShmooCon Epilogue 2012. Georgia recorded the live parts, and my rig was used for the slides. Sorry that there are some missing [...]

Event Related ShmooCon 2012 Updates, Videos, Slides and Presentation Five Ways We’re Killing Our Own Privacy – scribd.com/doc Slides from ShmooCon and Firetalks Presentation Attacking Prox Card Systems – opensecurityresearch.com Slides and Code from Brad Antoniewicz’s awesome talk on Attacking Prox Card Systems Shmoocon 2012 – tombom.co.uk In the absence of an “official” download link [...]

Event Related Shmoocon 2012 ShmooCon 2012: Raising The White Flag – blog.c22.cc Whitelisting is often touted as a replacement for AV. Despite the fact that something better than AV is needed, application whitelisting isn’t the solution. Their purpose seems good, for the execution is lacking. Things are headed in the right direction, but using simple [...]

Event Related Infiltrate  Conference “Voight-Kampff’ing The BlackBerry PlayBook” at INFILTRATE 2012 – intrepidusgroup.com We gave a talk at Immunity’s awesome INFILTRATE conference in Miami Beach, FL. Our presentation, “Voight-Kampff’ing The BlackBerry Playbook”, discussed some of the blackbox style, independent research we performed on the BlackBerry PlayBook. Infiltrate Wrap Up – blog.opensecurityresearch.com Our industry is getting [...]

Resources How Modern Cars Can Be Cracked – autosec.org SOURCE Barcelona Resources from September 2011 – sourceconference.com Links, articles, and media from the event. OSCP-My Review – proactivedefender.blogspot.com The OSCP certification is an offensive security course which teaches the attacking side of Information Security and is largely aimed at those wanting to become penetration testers. [...]

Events Related Highlights from the 28th Chaos Communications Congress – advocacy.globalvoicesonlne.org The Chaos Communications Congress is the annual meetup of Germany’s Chaos Computer Club, one of the oldest hacker collectives in the world. It takes place in Berlin every year at the height of the holiday season between Christmas and New Year’s Eve, a time [...]