Events Related DefCon 2011 Leftover notes and resources five weeks after. Crack Me If You Can teams - contest.korelogic.com Crack Me If You Can InsidePro - contest.korelogic.com Crack Me If You Can team john users - contest.korelogic.com The Art of Exploiting Lesser Known Injection Flaws Revealed At BlackHat - penetration-testing.7safe.com The audience at Black Hat, Las Vegas [...]
Events Related BlackHat 2011 Leftover media, articles, and resources Sights and SOund sof BlackHat USA 2011 (Gallery) - darkreading.com LDAP/XPATH Injection Tools - notsosecure.com BlackHat 2011 Resource Portal - blackhat.com DefCon 19 Interesting stuff from Vegas Five Questions About Aaron Barr's DefCon - threatpost.com DefCon 2011: SSL and the future of payloads - nakedsecurity.sophos.com Resources Cisco [...]
Events Related BlackHat 2011 Leftover notes and resources. Defcon/BlackHat Slides, Whitepaper, Tools - mcgrewsecurity.com BlackHat According to Twitter - blog.thinkst.com BlackHat Twitter Feed port 4848 - twitter.com BlackHat Twitter Feed Ws-attacks.org - twitter.com BlackHat Twitter Feed Tools For Soap - twitter.com Bit-squatting, DNS Hijacking Without Exploitation - nakedsecurity.sophos.com New Free Tool Helps Gather Attacker's Footprints [...]
Each week, we’ll highlight a major city in the US and cover the places and events you can go to in that area to get your security information fix. This post is part of the information security communities. The Bay Area scene is very active and covers a broad spectrum, so expect local professional groups [...]
Events Related Notes from BlackHat 2011 Below are more than a dozen updates and resource portals for the recently concluded BlackHat conference. Tavis Ormandy's Sophail Presentation - anti-virus-rants.blogspot.com BlackHat 2011 Presentation - sensepost.com Black Hat USA 2011 - f-secure.com BH2011: Hacking Google Chome OS - nakedsecurity.sophos.com BlackHat 2011: Macs in the age of the APT [...]
Resources Strategies To Mitigate Targeted Cyber Intrusions - dsd.gov.au Australian computer networks are being targeted by adversaries seeking access to sensitive information. A commonly used technique is social engineering, where malicious “spear phishing” emails are tailored to entice the reader to open them. Users may be tempted to open malicious email attachments or follow embedded [...]
Events Related Training At CanSecWest 2011: Analysis of Malicious Documents - esec-lab.sogeti.com Jean-Baptiste and Guillaume will give a course about malicious document analysis during the next CanSecWest Dojo session at Vancouver (March 7th/8th). The course deals with two major cases: PDF and Microsoft Office documents. Nowadays those two file formats have become a common vector [...]
Resources A Look Inside Targeted Email Attacks - symantec.com The number of targeted attacks has increased dramatically in recent years. Major companies, government agencies, and political organizations alike have reported being the target of attacks. The rule of the thumb is, the more sensitive the information that an organization handles, the higher the possibility of [...]
Events Related OWASP AppSec 2011 Capture The Flag briefings Capture The Flag - www.appsecusa.org/ctf.html AppSecUSA CTF! Another Write Up - notsosecure.com Resources Whitepaper "Python Arsenal For Reverse Engineering" - dsecrg.com This whitepaper (beta release) is a collection of various Python engines, extensions, libraries, shells, that aids in the job code for understanding, analyzing and sometimes breaking. [...]
Resources Electronic Frontier Foundation Know Your Rights! Guide Your computer, your phone, and your other digital devices hold vast amounts of personal information about you and your family. Can police officers enter your home to search your laptop? The Electronic Frontier Foundation (EFF) has answers to these questions in our new "Know Your Digital Rights" [...]