Next Page >>
Computer Security
brings together researchers from academia and industry within
Europe and beyond to present and discuss current topics in applied
network and systems security.
The conference program includes eight presentations of scientific
papers from different areas of computer security. Moreover, the
conference features three invited talks given by renowned experts:
* John McHugh, RedJack LLC and University of North Carolina
The Cyclic Nature of Computer Security, or Must we always go in
circles?
would like to present their latest IT
security research.
-- Industry experts who would like to influence
what is taught in undergraduate and graduate
computer security curricula.
-- Industry experts who can update academia on
the current state of real-world IT security.
-- Computer, Security, and Privacy Law experts
themselves, affecting virtually every existing implementation. Even in
the last couple of years, researchers were still working on security
problems in the core protocols.
The discovery of vulnerabilities in the TCP/IP protocol suite usually
led to reports being published by a number of CSIRTs (Computer Security
Incident Response Teams) and vendors, which helped to raise awareness
about the threats and the best mitigations known at the time the reports
were published. Unfortunately, this also led to the documentation of the
discovered protocol vulnerabilities being spread among a large number of
documents, which are sometimes difficult to identify.
* DoS/DDoS response and mitigation, botnets
* Authentication and access control
* Security in the cloud
* Protection of critical infrastructure
* Security in mobile systems
* Computer security incident response teams (CSIRTs): creation,
management, experiences
* Security in corporate environments, compliance and auditing, return on
security investments
* Security management (procedures, operational logs, records, etc.)
* Risk management in Information Security
* DoS/DDoS response and mitigation, botnets
* Authentication and access control
* Security in the cloud
* Protection of critical infrastructure
* Security in mobile systems
* Computer security incident response teams (CSIRTs): creation,
management, experiences
* Security in corporate environments, compliance and auditing, return on
security investments
* Security management (procedures, operational logs, records, etc.)
* Risk management in Information Security
About CYBSEC S.A. Security Systems
-----------------------------------
Since 1996 CYBSEC S.A. is devoted exclusively to provide professional services specialized in Computer Security. More than 150 clients around the
globe validate our quality and professionalism.
To keep objectivity, CYBSEC S.A. does not represent, neither sell, nor is associated with other software and/or hardware provider companies.
Our services are strictly focused on Information Security, protecting our clients from emerging security threats, mantaining their IT deployments
available, safe, and reliable.
Beyond professional services, CYBSEC is continuosly researching new defense and attack techiniques and contributing with the security community with
----------------------------------------------------------------------------------------------------------------
ACSAC 2009: Deadline extended (panels June 10; papers, case studies, workshops, tutorials: June 8)
----------------------------------------------------------------------------------------------------------------
25th Annual Computer Security Applications Conference (ACSAC)
December 7-11, 2009
Honolulu, Hawaii
CALL FOR PARTICIPATION: SUBMISSION DEADLINE EXTENDED
Our website is now open for submissions: http://www.acsac.org
Last month we announced a technology event called Campus Party EU
(http://www.campus-party.eu/home-en.html), which will take place
between 14 and 18 April 2010 in Madrid (Spain). We distributed a Call
For Participants, in which the chosen participants would attend
different talks given by great and well-known computer security
speakers (Joanna Rutkowska, Stefano Di Paola...), participate in a
hacking contest, and enjoy the other areas of the event, interacting
with other European colleagues interested in new technologies and
innovation too.
Permalink:
http://www.ocert.org/advisories/ocert-2011-003.html
--
Andrea Barisani | Founder & Project Coordinator
oCERT | OSS Computer Security Incident Response Team
<lcars@ocert.org> http://www.ocert.org
0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
"Pluralitas non est ponenda sine necessitate"
05-Dec-2011 - Vendor releases v4.4.5 and 4.6.1
12-Dec-2011 - Disclosure.
About OSI Security:
OSI Security is an independent network and computer security auditing
and consulting company based in Sydney, Australia. We provide internal
and external penetration testing, vulnerability auditing and wireless
site audits, vendor product assessments, secure network design,
forensics and risk mitigation services.
________
null – The open security community (http://null.co.in) , a non-profit
initiative,
is a community of security professionals who have passion for security
research and contribute towards research and development, knowledge sharing
in the field of computer security.
nullcon Goa 2010 is our First effort towards organizing an
International Hack Fest
and is totally a community driven effort by the members of null community.
to continue searching through DESLock+.
About Digit Security Ltd
----------------------------------
Digit Security is a computer security consultancy based in the United
Kingdom, albeit with a slight difference. The company is a co-operatively
controlled entity comprised of professionals who are experts in their
respective fields. Thus, as a corollary, nearly everyone at Digit Security
is a both a Consultant, Developer and a Director (although we prefer the
term 'equal').
--- U21 category:
We don't take the age so serious as it might sound but this category is
especially for young security researchers who are *not* working in a
professional sense yet, e.g. (full-time) students, or attending college,
technical school or just interested in computer security. We will also
accept submissions if you are a little bit older than 21 years.
Don't be shy if your idea is not groundbreaking or not the top
vulnerability discovered in the last 5 years. There's always room for
some extra hacking. :)
We want to encourage you to submit your *own* research.
> There's an easy fix for this. Wait a few months for Asus to ship
> systems with Windows 7.
>
> Otherwise this is very much not anything different then when someone
> else years and years ago said that IBM laptops or Dell computers
> were shipped in this manner and a basic law of computer security.
> Show me a OEM build of a XP and this is how they ship. With all due
> respect, if you want me to click on your web site, how about coming
> up with a "vulnerability" that wasn't discussed on this very list in
> 2004? http://marc.info/?l=vulndiscuss&m=109568970316652&w=2
>
CONFidence we would like to sincerely inform and invite you to the
next event which will be held in Krakow, on the 25-26 May.
########## CONFidence & PH-NEUTRAL ##########
CONFidence is an internationally recognized conference where
practitioners, researchers, and developers in computer security meet,
learn and exchange practical ideas and experiences. The
world's top-class specialists, two days of lectures presenting new, so
far non-disclosed research results, more than 400 participants - all
of this during 7th edition of the CONFidence Conference. If you plan
to participate in a ph-neutral, you should previously come
hope by doing this it will increase the quality and and clarity of the
materials. In addition, the articles are now organized into their
respective sections and the code listings in them have been improved and
are now easier to read. Also, a new "Interviews" section has been added
and for this issue, we have interviewed two well known experts from
France for their thoughts on the state of computer security.
Finally, we are always looking for feedback from our readers. It's very
important for us to know how we can improve in terms of content and
design. Please feel free to drop us an email if you have some
constructive feedback or ideas that will help us to raise the bar even
BruCON aims to become the best and most fun hacking (*) and security
event in Belgium and W. Europe offering a high quality line up of
speakers, opportunities of networking with peers, hacking challenges
and workshops. BruCON is an open-minded gathering of people discussing
computer security, privacy, information technology and its cultural/
technical implications on society. The conference creates bridges
between the various actors active in computer security world, included
but not limited to hackers(*), security professionals, security
communities, non-profit organizations, CERTs, students, law
enforcement agencies, etc...
2010/03/10: Public disclosure
VI. Credit
This vulnerability has been discovered by Jakob Lell from the
TU Berlin computer security working group (AGRS).
http://www.agrs.tu-berlin.de/parameter/en/
A copy of this advisory is also available on the following page:
The hack.lu conference is organized by the ASBL CSRRT-LU (Computer
Security Research and Response Team Luxembourg)
Location: Paris, France
What is Night da Hack?
“Night da Hack” comes from a rough translation from French “Nuit du Hack”. Started in 2003 by Hackerz Voice team, and inspired by world famous DEF CON, “Nuit du Hack” is one of the oldest French underground hacking conference.
Around computer security related talks, workshops and contests, Night da Hack aims at bringing together corporate IT professionals and hackers, no matter their skill-level. They will discover the latest technical advances in this area and assess their skills.
Night Da Hack is organized in two parts. First of all, several talks from 4pm to 11pm. Secondly, midnight to 7am: a Capture The Flag contest with 10 teams of 5 challengers each. You are more than welcomed to participate.
In order to improve both quality and accessibility of this event, the 2010 edition will be for the first time open to international talks and workshops.
is expected to be discussed in public announcements. This advisory
will be updated with references to any public messages relating to
this vulnerability once they become available.
This vulnerability was reported to Cisco by Nico Leidecker and Tracey
Parry at Portcullis Computer Security Limited. Cisco PSIRT would like
to thank these two individuals for bringing this issue to our
attention and for working with PSIRT toward coordinated disclosure of
the issue. Cisco PSIRT greatly appreciates the opportunity to work
with researchers on security vulnerabilities and welcomes the
opportunity to review and assist in product reports.
Only one month to DEFCON.
Just passing on to the security community of Minneapolis, please feel
free to join us.
Topic: How malware can still subvert Anti-Virus and computer security controls.
Speaker: Chris Secrest
Time: 6PM-10PM
Talk will start at 7PM
significant new discoveries about computer network hack attacks
and defenses will be presented at the sixth annual PacSec conference.
The PacSec meeting provides an opportunity for foreign specialists
to be exposed to Japanese innovation and markets and collaborate
on practical solutions to computer security issues. In an informal
setting with a mixture of material bilingually translated in both
English and Japanese the eminent technologists can socialize and
attend training sessions.
Announcing the opportunity to submit papers for the PacSec 2008
John will be discussing how the electronic discovery process works,
why it is costing corporations millions of dollars (and why it doesn't
have to), and what attendees need to know in order to operate within
this new legal environment.
David 'Video Man' Bryan is computer security consultant for NetSPI and
a senior organizer of the annual DEFCON (www.defcon.org) computer
security conference in Las Vegas, NV. David will be presenting on the
potential threats and vulnerabilities surrounding Voice over IP
telephony. Topics covered will include voice privacy issues, quality
of service, and mitigating strategies for companies and individuals
The deadline for submissions is the 31st of October.
* What is RuxCon?
RuxCon strives to be Australia's most technical and interesting
computer security conference. We're back for the fifth year
and intend on bringing you another high quality conference.
The conference is held over two days in a relaxed atmosphere,
allowing attendees to enjoy themselves whilst expanding their
knowledge of security.
Can we close this thread now?
http://en.wikipedia.org/wiki/Zero_day
"A zero-day (or zero-hour) attack is a computer threat that exposes undisclosed or unpatched computer application vulnerabilities. Zero-day attacks take advantage of computer security holes for which no solution is currently available."
> Steven Adair wrote:
> > Not in my book. I guess the people on this list are working off too many
> > different definitions of 0day. 0day to me is something for which there is
- --
- ---
[CubilFelino Security Research Lab - http://chr1x.sectester.net ]
"The computer security is an art form. It's the ultimate martial art."
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJKwY7LAAoJEENUkd83ZfT4DWkH/0WJ1vgee7nqoYV1WwSJZDfp
IRIX is not dead yet.
About Digit Security Ltd
----------------------------------
Digit Security is a computer security consultancy based in the United
Kingdom, albeit with a slight difference. The company is a co-operatively
controlled entity comprised of professionals who are experts in their
respective fields. Thus, as a corollary, nearly everyone at Digit Security
is a both a Consultant, Developer and a Director (although we prefer the
term 'equal').
Kirkegaard, Kryptos Logic.
=====[ About Kryptos Logic
Kryptos Logic is a group of talented computer security experts
from around the globe that has coalesced into a highly effective
team. We provide a wide range of security products ranging from
binary analysis, instrusion management systems, anti-piracy, and
digital rights management software. We also perform
state-of-the-art research on emerging attack vectors and threats
** What is No cON Name **
This congress is aimed at system and network administrators, programmers,
experts and/or security auditors, and also independent self-taught computer
security experts.
All of them with the same objective: to share and understand new and
different systems that currently shape the global networks.
Their common motivation is curiosity and the need to read again the
Next Page>>
|
