Events Related Training At CanSecWest 2011: Analysis of Malicious Documents – esec-lab.sogeti.com Jean-Baptiste and Guillaume will give a course about malicious document analysis during the next CanSecWest Dojo session at Vancouver (March 7th/8th). The course deals with two major cases: PDF and Microsoft Office documents. Nowadays those two file formats have become a common vector [...]

Resources CanSecWest Vancouver 2011 Presentation Files – cansecwest.com Comprehensive list of presentations during the recently concluded CanSecWest 2011 The Symantec Internet Secuirty Threat Report Volume 16 Is Here! – symantec.com We are pleased to announce that Volume 16 of the Symantec Internet Security Threat Report (ISTR) is now available. Jeremiah Grossman Reveals His Process For [...]

Events Related CanSecWest Event debriefing CanSecWest, a decade later and still growing – privasectech.com CanSecWest 2011 day 1 – the-interweb.com CanSecWest 2011 day 2 – the-interweb.com CanSecWest 2011 day 3 – the-interweb.com Highlights of CanSecWest Day 1 – blogs.mcafee.com Highlights of CanSecWest Day 2 – blogs.mcafee.com Understanding and Exploiting Flash Vulnerabilities – log.fortinet.com CanSecWest Presentations [...]

Here are the information security events in North America this month: The 2011 Governance, Risk Management, and Compliance Summit: March 1 to 3 in San Francisco Atlantic Security Conference 2011: March 3 to 5 in Halifax BSides Halifax: March 5 to 6 in Halifax SANS AppSec 2011: March 7 to 15 in San Francisco CanSecWest [...]

Events Related: OWASP BeNeLux Day 2010 Wrap Up – rootshell.be Yesterday, the three OWASP Benelux chapters organized together their annual OWASP BeNeLux day. Ok folks, secwest11@cansecwest.com is live and the countdown timer goes to December 29th for entries to CanSecWest 2011 Call For Papers – twitter.com, @dragosr BayThreat was awesome, do it again! – mckeay.net Which [...]

CanSecWest 2010 banners Tom Gallagher and David Conger from Microsoft talk about distributed file fuzzing and the Microsoft Office 2010 security model.    Some other notes from their talk: Office supports 300 file formats. each can have different sub formats .wpd extension has 3 different parsers. fuzzing surface=huge Microsoft built their own distributed fuzzer system [...]

Dragos Ruiu just announced the speaker lineup for this year’s CanSecWest conference, being held next month in Vancouver Canada. The Smart-Phones Nightmare – Sergio ‘shadown’ Alvarez Getting into the SMRAM: SMM Reloaded – Loíc Duflot Network design for effective HTTP traffic filtering – Jeff "rfp"  Forristal, Zscaler Ninja Scanning – Fyodor, Insecure.org On Approaches and [...]

Another great event ran by Dragos and crew. I want to thank them for letting me cover the event on Twitter and the Infosec Events blog. My pictures are now up on flickr, and Ryo’s flickr page has a ton of pictures as well. Now lets celebrate another successful event by opening a champagne bottle [...]

Most Informative Talk: Intelguardians‘ cold memory forensics workshop. They leveraged the Princeton/Wind River/EFF research paper, and created two tools to extract passwords from a memory dump. The tools weren’t released at the conference, but they promise that it will be available soon. Two people from the original research (Jacob Appelbaum and William Paul) was also [...]