Here are information security events in North America this month: IEEE International Symposium on Hardware Oriented Security and Trust (HOST 2016) : May 3 to 5 in McLean, VA, USA Cyber Security Summit Dallas 2016 : May 3 in Dallas, TX, USA SecureWorld Kansas City 2016 : May 4 in Kansas City, [...]
Events Related OWASP AppSec California 2016 - www.youtube.com Resources SyScan360 Singapore 2016 slides and exploit code - reverse.put.as The exploit for the bug I presented last March at SyScan360 is today one year old so I decided to release it. I wasn’t sure if I should do it or not since it can be used [...]
Resources Understanding and Hardening Linux Containers - www.nccgroup.trust In general, this operating system virtualization via Linux Containers is an attractive feature for efficiency, speed and modern application deployment, however many would-be adopters continue to question the security of these technologies or platforms. Techniques How I Hacked Facebook, and Found Someone's Backdoor Script - devco.re With [...]
Events Related CanSecWest - www.slideshare.net BSides Nashville 2016 Videos - www.irongeek.com Infiltrate 2016 - infiltratecon.com Resources Ransomware: Past, Present, and Future - blog.talosintel.com The rise of ransomware over the past year is an ever growing problem. Businesses often believe that paying the ransom is the most cost effective way of getting their data back - [...]
Events Related Tailoring the NIST Cybersecurity Framework for a Precise Fit - www.tenable.com One thing caught my attention right away: there were two digital clocks prominently displayed on either side of the auditorium. Both clocks were synchronized, and according to my phone, they were accurate to the second. It makes sense because NIST is the [...]
Events Related Central Ohio Infosec Summit 2016 Videos - www.irongeek.com These are the videos from the Central Ohio Infosec Summit conference. Cyphercon 2016 Videos - www.irongeek.com These are the videos from the Cyphercon 2016 conference. TROOPERScon - www.youtube.com Resources pysap - github.com This Python library provides modules for crafting and sending packets using SAP's NI, Message Server, Router, RFC, [...]
Here are information security events in North America this month: DakotaCon 2016 : April 1 to 3 in Madison, WI, USA WiCyS 2016 : April 1 to 2 in Dallas, TX, USA InfoSec World Conference & Expo 2016 : April 4 to 6 in Lake Buena Vista, FL, USA InfoWarCon 2016 [...]
Resources More on Purple Teaming - carnal0wnage.attackresearch.com Purple Teaming is "conducting focused Red Teams with clear training objectives for the Blue Team." SDR Radio Academy: Reverse engineering a wireless car key fob - phasenoise.livejournal.com The Software Defined Radio Academy has the goals of attract Radio Amateurs to modern radio technology and show paths into SDR. Tools [...]
Events Related Pwn2Own 2016: Hackers Earn $460,000 for 21 New Flaws - securityweek.com On the first day, contestants earned $282,500 for vulnerabilities in Safari, Flash Player, Chrome, Windows and OS X. On the second day, Tencent Security Team Sniper took the lead after demonstrating a successful root-level code execution exploit in Safari via a use-after-free flaw in Safari [...]
Events Related Another year, another RSAC - www.cerias.purdue.edu I have attended 10 of the last 15 RSA conferences. I do this to see what’s new in the market, meet up with friends and colleagues I don’t get to see too often, listen to some technical talks, and enjoy a few interesting restaurants and taverns in SF. [...]