Tools: Metasploit updates keylogger, osx support XSS Rays – thespanner.co.uk Lynis – linux auditing tool – rootkit.nl OWASP Code Review Guide 1.1 – owasp.org Other News: Register.com DNS DDOS Register.com suffers DNS problems – theinquirer.net DNS Providers Under Attack – isc.sans.org ATM card skimmers A Man Finds an Actual Card Skimmer in the Wild, in [...]
Here are the information security events in North America this month: NOTACON 6 – April 16-19 in Cleveland RSA Conference 2009 – April 20-24 in California USENIX Workshop on Large-Scale Exploits and Emergent Threats – April 21 in Massachusetts And here are the information security events in the other parts of the world: Hack in [...]
Tools: Tunneling data via VoIP - highdatasecurity.com OWASP Software Assurance Maturity Model HP SWFScan Other News: Washington D.C. Restaurants Become Credit Card Cloning Hot Spots – wired.com
Here are the information security events in North America this month: SANS 2009 – March 1-9 in Florida InfoSec World Conference and Expo 2009 – March 9-11 in Florida SOURCE Boston – March 9-13 in Massachusetts CanSecWest 2009 – March 16-20 in Vancouver We didn’t come across any information security events in the other parts [...]
Dragos Ruiu just announced the speaker lineup for this year’s CanSecWest conference, being held next month in Vancouver Canada. The Smart-Phones Nightmare - Sergio 'shadown' Alvarez Getting into the SMRAM: SMM Reloaded - Loíc Duflot Network design for effective HTTP traffic filtering - Jeff "rfp" Forristal, Zscaler Ninja Scanning - Fyodor, Insecure.org On Approaches and [...]
This post is part of the security training review project, and is by Rob (mubix) Fuller. You can find his original post and other content at his blog at Room362. I recently obtained the status Offensive Security Certified Professional. It is one of the best courses I have ever taken. It challenged me to think [...]
Here are the information security events in North America this month: SANS Process Control & SCADA Security Summit – Feb 2-3 in Florida Shmoocon – Feb 6-8 in Washington DC Best of Open Source Security Conference – Feb 10-12 in Nevada Black Hat DC – Feb 18-19 in Virginia And here are the information security [...]
The official videos from Hack in the Box Malaysia conference are now online via torrent. There are two torrents, and you can find the the Day 1 and Day 2 videos on The Pirate Bay. For all presentation materials, check out our previous post – HITB 2008 Malaysia Presentations.
A few months ago we mentioned that Elcomsoft was coming out with an application that utilizes Nvidia GPUs to crack WPA and WPA2 keys. That application is now available, and it can also utilize ATI GPUs as well. The $1,199 price tag is quite expensive when you compare it to pyrit, the FREE open source [...]
SQLiBENCH is an OWASP SoC 2008 project to benchmark automatic sql injectors related to dumping databases. There're a bunch of and great open source tools (takeover/dumpers/hybrid) for taking advantage of an sql injection vulnerability both used by web application security specialists and attackers. Techniques used, databases supported, algorithms employed and abilities implemented by these "sql [...]