Each week, we’ll highlight a major city in the US and cover the places and events you can go to in that area to get your security information fix. This post is part of the information security communities. Portland is regarded as one of the greenest cities on earth, a self-proclaimed city of roses whose cosmopolitan [...]

. Here are the information security events in North America this month: 18th Annual Network & Distributed System Security Symposium: February 6 to 9 in San Diego BSides San Francisco: February 14 to 15 in San Francisco RSA Conference 2011: February 14 to 18 in San Francisco BSides Cleveland: February 18 in Cleveland SANS Phoenix: [...]

Each week, we’ll highlight a major city in the US and cover the places and events you can go to in that area to get your security information fix. This post is part of the information security communities. This northern Virginia houses the headquarters of several federal agencies and so it’s not surprising that a [...]

. Here are the information security events in North America this month: BSides MSP: January 7 in St. Paul BlackHat DC: January 16 to 19 in Arlington SANS Security East: January 20 to 27 in New Orleans DOD Cyber Crime Conference 2011: January 21 to 28 in Atlanta Shmoocon: January 28 to 30 in Washington, [...]

Each week, we’ll highlight a major city in the US and cover the places and events you can go to in that area to get your security information fix. This post is part of the information security communities. It doesn’t get any hotter than Phoenix, in the literal sense. The intense climate is nothing to [...]

Resources: Common Weakness Scoring System (CWSS) – cwe.mitre.org So for each weakness in the architecture, design, code or implementation that might be introduced into an application, which in some cases can contribute to a vulnerability within that software, we need to be able to reason and communicate about the relative importance of different weaknesses. Brief [...]

Events Related: RSnake, Web Security and a few beers – andlabs.org Reminiscing Black Hat Abu Dhabi. DojoCon Follow-Up – novainfosecportal.com Although there was a formal CFP, everything else followed a traditional unconference format. SANS SEC660: Post Mortem – c22.cc The class is designed to cover the ground between the SEC560 Network Penetration Testing class and [...]

Resources: Impersonating The Domain Administrator via SQL Server – commonexploits.com A recent presentation I gave for 7Safe. It demonstrates how it is possible to fully compromise the domain using a fully patched Microsoft SQL server that has a firewall enabled. RuxCon 2010 Materials – ruxcon.org.au Talk PDFs now posted. Nuff said. New SANS Course – [...]

. Here are the information security events in North America this month: Hackers to Hackers Conference 2010: December 3 in Cancun SANS WhatWorks in Incident Detection and Log Management Summit 2010: December 8 to 9 in Washington, DC BayThreat: December 10 to 11 in Mountain View DojoCon 2010: December 11 to 12 in Dulles . [...]

Each week, we’ll highlight a major city in the US and cover the places and events you can go to in that area to get your security information fix. This post is part of the information security communities. Disneyland! Well, what else is there in Orlando beside America’s flagship theme park? Well infosec, of course. [...]