Each week, we’ll highlight a major city in the US and cover the places and events you can go to in that area to get your security information fix. This post is part of the information security communities. The Bay Area scene is very active and covers a broad spectrum, so expect local professional groups [...]
Events Related Notes from BlackHat 2011 Below are more than a dozen updates and resource portals for the recently concluded BlackHat conference. Tavis Ormandy's Sophail Presentation - anti-virus-rants.blogspot.com BlackHat 2011 Presentation - sensepost.com Black Hat USA 2011 - f-secure.com BH2011: Hacking Google Chome OS - nakedsecurity.sophos.com BlackHat 2011: Macs in the age of the APT [...]
Resources Strategies To Mitigate Targeted Cyber Intrusions - dsd.gov.au Australian computer networks are being targeted by adversaries seeking access to sensitive information. A commonly used technique is social engineering, where malicious “spear phishing” emails are tailored to entice the reader to open them. Users may be tempted to open malicious email attachments or follow embedded [...]
Here are information security events in North America this month: BSides Las Vegas: August 3 to August 5 in Las Vegas DefCon 19: August 4 to August 8 in Las Vegas SANS Boston: August 6 to August 15 in Boston BSides Los Angeles: August 18 to August 20 in Los Angeles SANS Security Architecture: August [...]
Events Related Training At CanSecWest 2011: Analysis of Malicious Documents - esec-lab.sogeti.com Jean-Baptiste and Guillaume will give a course about malicious document analysis during the next CanSecWest Dojo session at Vancouver (March 7th/8th). The course deals with two major cases: PDF and Microsoft Office documents. Nowadays those two file formats have become a common vector [...]
Resources A Look Inside Targeted Email Attacks - symantec.com The number of targeted attacks has increased dramatically in recent years. Major companies, government agencies, and political organizations alike have reported being the target of attacks. The rule of the thumb is, the more sensitive the information that an organization handles, the higher the possibility of [...]
Events Related OWASP AppSec 2011 Capture The Flag briefings Capture The Flag - www.appsecusa.org/ctf.html AppSecUSA CTF! Another Write Up - notsosecure.com Resources Whitepaper "Python Arsenal For Reverse Engineering" - dsecrg.com This whitepaper (beta release) is a collection of various Python engines, extensions, libraries, shells, that aids in the job code for understanding, analyzing and sometimes breaking. [...]
Resources Electronic Frontier Foundation Know Your Rights! Guide Your computer, your phone, and your other digital devices hold vast amounts of personal information about you and your family. Can police officers enter your home to search your laptop? The Electronic Frontier Foundation (EFF) has answers to these questions in our new "Know Your Digital Rights" [...]
Here are information security events in North America this month: ReCon 2011: July 8 to July 11 in Montreal SANSFIRE 2011: July 15 to July 25 in Washinton, DC SOUPS 2011: July 20 to July 23 in Pittsburgh TRISC 2011: July 24 to July 27 in Austin PETS 2011: July 27 to July 30 in [...]
Resources ToorCon Seattle 2011 Browser Exploit Packs - secniche.blogspot.com We gave a talk at ToorCon about the high level details of BlackHole. We will be releasing more details and complete talk in the upcoming conferences that are scheduled later this year. OWASP DC's videos - vimeo.com Video archive of OWASP DC lectures and presentations. Notacon [...]