Week 10 in Review – 2013

Published: March 11th, 2013 | Category: Security Conferences, Security Tools, Security Vulnerabilities | (0) Comments

Event Related DEP-ASLR bypass without ROP-JIT.pdf – docs.google.com This is a pdf file from the event CanSecWest 2013 Pwn2Own: IE10, Firefox, Chrome, Reader, Java hacks land $500k – theregister.co.uk It’s back to the drawing board for coders at Microsoft, Google, Adobe, Mozilla, and Oracle after entrants in the annual Pwn2Own contest waltzed off with over [...]

Week 13 in Review – 2012

Published: April 2nd, 2012 | Category: Hacking Contests, Security Conferences, Security Tools, Security Vulnerabilities | (2) Comments

Event Related Pwn2Own Lesson From Pwn2Own: Focus On Exploitability – darkreading.com The Pwn2Own contest earlier this month at the CanSecWest Conference showed off the speed with which knowledgeable security professionals can code exploits for known vulnerabilities. On the failings of Pwn2Own 2012 – scarybeastsecurity.blogspot.com This year’s Pwn2Own and Pwnium contests were interesting for many reasons. [...]

Week 11 in Review – 2012

Published: March 19th, 2012 | Category: Security Conferences, Security Tools, Security Vulnerabilities, Security Workshops | (0) Comments

Event Related Black Hat Europe 2012 Summaries, Updates and Tools BlackHat Europe 2012 Day #1 Wrap-Up – blog.rootshell.be BlackHat is back in Europe and, this year, they moved back to Amsterdam! This edition also introduced a new format: A three-days conference with three simultaneous tracks. BlackHat Europe 2012 Day #2 Wrap-Up – rootshell.be And I’m [...]

Week 10 in Review – 2012

Published: March 12th, 2012 | Category: Hacking Contests, Security Conferences, Security Tools, Security Vulnerabilities, Uncategorized | (1) Comment

Event Related CanSecWest CanSecWest evolving – blog.securiteam.com Let me say, right off the top, that I love CanSecWest. I am tired of “vendor” conferences, where you pay outrageous fees for the privilege of sitting through a bunch of sales pitches. At least CanSecWest has real information, as opposed to virtual information. CanSecWest Day 1 Pen [...]

Week 10 in Review – 2011

Published: March 14th, 2011 | Category: Local Meetings, Security Tools, Security Training, Security Vulnerabilities | (0) Comments

Events Related CanSecWest Event debriefing CanSecWest, a decade later and still growing – privasectech.com CanSecWest 2011 day 1 – the-interweb.com CanSecWest 2011 day 2 – the-interweb.com CanSecWest 2011 day 3 – the-interweb.com Highlights of CanSecWest Day 1 – blogs.mcafee.com Highlights of CanSecWest Day 2 – blogs.mcafee.com Understanding and Exploiting Flash Vulnerabilities – log.fortinet.com CanSecWest Presentations [...]

Week 5 In Review – 2011

Published: February 7th, 2011 | Category: Hacking Contests, Local Meetings, Security Conferences, Security Tools, Security Training, Security Vulnerabilities, Security Workshops | (0) Comments

Events Related ShmooCon 2011 Getting to ShmooCon each year is always challenging (as is trying to get home). Mother Nature seems to enjoy disrupting the travel to and from the conference, which is held in Washington, D.C in January or February of each year. ShmooCon 2011 – intrepidusgroup.com ShmooCon 2011 Conference Wrap Up – blog.tenablesecurity.com [...]

CanSecWest 2010 in Pictures

Published: March 29th, 2010 | Category: Hacking Contests, Security Conferences, Security Tools, Security Vulnerabilities | (3) Comments

CanSecWest 2010 banners Tom Gallagher and David Conger from Microsoft talk about distributed file fuzzing and the Microsoft Office 2010 security model. Some other notes from their talk: Office supports 300 file formats. each can have different sub formats .wpd extension has 3 different parsers. fuzzing surface=huge Microsoft built their own distributed fuzzer system [...]