Events Related Training At CanSecWest 2011: Analysis of Malicious Documents - esec-lab.sogeti.com Jean-Baptiste and Guillaume will give a course about malicious document analysis during the next CanSecWest Dojo session at Vancouver (March 7th/8th). The course deals with two major cases: PDF and Microsoft Office documents. Nowadays those two file formats have become a common vector [...]
Resources A Look Inside Targeted Email Attacks - symantec.com The number of targeted attacks has increased dramatically in recent years. Major companies, government agencies, and political organizations alike have reported being the target of attacks. The rule of the thumb is, the more sensitive the information that an organization handles, the higher the possibility of [...]
Events Related OWASP AppSec 2011 Capture The Flag briefings Capture The Flag - www.appsecusa.org/ctf.html AppSecUSA CTF! Another Write Up - notsosecure.com Resources Whitepaper "Python Arsenal For Reverse Engineering" - dsecrg.com This whitepaper (beta release) is a collection of various Python engines, extensions, libraries, shells, that aids in the job code for understanding, analyzing and sometimes breaking. [...]
Resources Electronic Frontier Foundation Know Your Rights! Guide Your computer, your phone, and your other digital devices hold vast amounts of personal information about you and your family. Can police officers enter your home to search your laptop? The Electronic Frontier Foundation (EFF) has answers to these questions in our new "Know Your Digital Rights" [...]
Here are information security events in North America this month: ReCon 2011: July 8 to July 11 in Montreal SANSFIRE 2011: July 15 to July 25 in Washinton, DC SOUPS 2011: July 20 to July 23 in Pittsburgh TRISC 2011: July 24 to July 27 in Austin PETS 2011: July 27 to July 30 in [...]
Resources ToorCon Seattle 2011 Browser Exploit Packs - secniche.blogspot.com We gave a talk at ToorCon about the high level details of BlackHole. We will be releasing more details and complete talk in the upcoming conferences that are scheduled later this year. OWASP DC's videos - vimeo.com Video archive of OWASP DC lectures and presentations. Notacon [...]
Events Related ENISA First 2011 The European Network & Information Security Agency (ENISA) formed in 2004. The agency supports the commission and the EU member states in the area of information security. Facilitate the exchange of information between EU institutions, the public sector and the private sector. Security Challenges for Future Systems - blog.c22.cc #First2011-Remediating [...]
Events Related Defcon 19 Quals For the third year, I competed with team Shellphish in the Defcon quals. We pulled through with some amazing points at the end to finish in 8th place. My successful contributions, however, were really only with respect to Forensics 100 and 300 Defcon 19 Quals Forensics 100 and Forensics 300 [...]
Events Related PH-Neutral, My First and Last One - blog.rootshell.be What differentiate PH-Neutral from the other conferences? It’s different that’s all! Don’t try to find something equivalent on earth! It’s a mix of party, drinks, talks (yes, there was and good ones!) and social networking. Honestly I never saw so many top-notch hackers per square [...]
Each week, we’ll highlight a major city in the US and cover the places and events you can go to in that area to get your security information fix. This post is part of the information security communities. The city of angels is a diverse melting pot that's also Hollywood's beating heart. Thanks to the [...]