computer security

EC2ND 2010, Call for Participation

  brings together researchers from academia and industry within
  Europe and beyond to present and discuss current topics in applied
  network and systems security.
  
  The conference program includes eight presentations of scientific
  papers from different areas of computer security.  Moreover, the
  conference features three invited talks given by renowned experts:

  * John McHugh, RedJack LLC and University of North Carolina 
    The Cyclic Nature of Computer Security, or Must we always go in
    circles?

Security Assessment of the Transmission Control Protocol (TCP)

themselves, affecting virtually every existing implementation. Even in
the last couple of years, researchers were still working on security
problems in the core protocols.

The discovery of vulnerabilities in the TCP/IP protocol suite usually
led to reports being published by a number of CSIRTs (Computer Security
Incident Response Teams) and vendors, which helped to raise awareness
about the threats and the best mitigations known at the time the reports
were published. Unfortunately, this also led to the documentation of the
discovered protocol vulnerabilities being spread among a large number of
documents, which are sometimes difficult to identify.

[CFP] LACSEC 2011: 6th Network Security Event for Latin America and the Caribbean

* DoS/DDoS response and mitigation, botnets
* Authentication and access control
* Security in the cloud
* Protection of critical infrastructure
* Security in mobile systems
* Computer security incident response teams (CSIRTs): creation,
management, experiences
* Security in corporate environments, compliance and auditing, return on
security investments
* Security management (procedures, operational logs, records, etc.)
* Risk management in Information Security

ACSAC 2009 submissions due June 8 and June 10 (extended)

----------------------------------------------------------------------------------------------------------------
ACSAC 2009: Deadline extended (panels June 10; papers, case studies, workshops, tutorials: June 8)
----------------------------------------------------------------------------------------------------------------

25th Annual Computer Security Applications Conference (ACSAC)
December 7-11, 2009
Honolulu, Hawaii

CALL FOR PARTICIPATION: SUBMISSION DEADLINE EXTENDED
Our website is now open for submissions: http://www.acsac.org

CYBSEC Security Advisory: Arbitrary file overwrite in Documentum Administrator / Documentum Webtop

About  CYBSEC S.A. Security Systems
-----------------------------------

Since 1996 CYBSEC S.A. is devoted exclusively to provide professional services specialized in Computer Security. More than 150 clients around the
globe validate our quality and professionalism.
To keep objectivity, CYBSEC S.A. does not represent, neither sell, nor is associated with other software and/or hardware provider companies.
Our services are strictly focused on Information Security, protecting our clients from emerging security threats, maintaining their IT deployments
available, safe, and reliable.
Beyond professional services, CYBSEC is continuously researching new defense and attack techniques and contributing with the security community with

Academic Computer Security Conference

       would like to present their latest IT
       security research.

    -- Industry experts who would like to influence
       what is taught in undergraduate and graduate
       computer security curricula.

    -- Industry experts who can update academia on
       the current state of real-world IT security.

    -- Computer, Security, and Privacy Law experts

(CFP) LACSEC 2012: 7th Network Security Event for Latin America and the Caribbean

* DoS/DDoS response and mitigation, botnets
* Authentication and access control
* Security in the cloud
* Protection of critical infrastructure
* Security in mobile systems
* Computer security incident response teams (CSIRTs): creation,
management, experiences
* Security in corporate environments, compliance and auditing, return on
security investments
* Security management (procedures, operational logs, records, etc.)
* Risk management in Information Security

Reminder: Campus Party EU 2010 Call For Participants

Last month we announced a technology event called Campus Party EU
(http://www.campus-party.eu/home-en.html), which will take place
between 14 and 18 April 2010 in Madrid (Spain). We distributed a Call
For Participants, in which the chosen participants would attend
different talks given by great and well-known computer security
speakers (Joanna Rutkowska, Stefano Di Paola...), participate in a
hacking contest, and enjoy the other areas of the event, interacting
with other European colleagues interested in new technologies and
innovation too.


Silicon Graphics Inc (SGI) - IRIX - Local Kernel Memory Disclosure/Denial of Service

IRIX is not dead yet.


About Digit Security Ltd
----------------------------------
Digit Security is a computer security consultancy based in the United
Kingdom, albeit with a slight difference. The company is a co-operatively
controlled entity comprised of professionals who are experts in their
respective fields. Thus, as a corollary, nearly everyone at Digit Security
is both a Consultant, Developer and a Director (although we prefer the
term 'equal').

uCon 2008 call for participation - Recife, Brazil

[ - Introduction - ]

   uCon will be a totally informal and non-profit conference (actually a
small gathering of friends, hackers, computer security enthusiasts and
idiots alike) taking place in Recife, Pernambuco, on 9th of February 2008
-- three days after the best street carnival in the world. The conference
aims to bring together academics, hackers and information security
enthusiasts to share cutting-edge ideas and thoughts about their latest
developments and techniques in the field.

Re: Insufficient Authentication vulnerability in Asus notebook

> There's an easy fix for this.  Wait a few months for Asus to ship  
> systems with Windows 7.
>
> Otherwise this is very much not anything different than when someone  
> else years and years ago said that IBM laptops or Dell computers  
> were shipped in this manner and a basic law of computer security.
> Show me an OEM build of XP and this is how they ship.  With all due  
> respect, if you want me to click on your web site, how about coming  
> up with a "vulnerability" that wasn't discussed on this very list in  
> 2004?  http://marc.info/?l=vulndiscuss&m=109568970316652&w=2
>

CONFidence 2010, 25-26th May - Call For Participation

CONFidence we would like to sincerely inform and invite you to the
next event which will be held in Krakow, on the 25-26 May.

########## CONFidence & PH-NEUTRAL ##########
CONFidence is an internationally recognized conference where
practitioners, researchers, and developers in computer security meet,
learn and exchange practical ideas and experiences. The
world's top-class specialists, two days of lectures presenting new, so
far non-disclosed research results, more than 400 participants - all
of this during 7th edition of the CONFidence Conference. If you plan
to participate in a ph-neutral, you should previously come

Announcement - DeepSec 2011 - Call for Papers

--- U21 category:
We don't take the age so serious as it might sound but this category is
especially for young security researchers who are *not* working in a
professional sense yet, e.g. (full-time) students, or attending college,
technical school or just interested in computer security. We will also
accept submissions if you are a little bit older than 21 years.
Don't be shy if your idea is not groundbreaking or not the top
vulnerability discovered in the last 5 years. There's always room for
some extra hacking. :)
We want to encourage you to submit your *own* research.

Cisco Security Advisory: SQL injection in Cisco Unified Communications Manager

is expected to be discussed in public announcements. This advisory
will be updated with references to any public messages relating to
this vulnerability once they become available.

This vulnerability was reported to Cisco by Nico Leidecker and Tracey
Parry at Portcullis Computer Security Limited. Cisco PSIRT would like
to thank these two individuals for bringing this issue to our
attention and for working with PSIRT toward coordinated disclosure of
the issue. Cisco PSIRT greatly appreciates the opportunity to work
with researchers on security vulnerabilities and welcomes the
opportunity to review and assist in product reports.

[oCERT-2009-015] KDE multiple issues

Fixed version:

KDE >= 4.3.3

Credit: Tim Brown, Portcullis Computer Security Ltd.

CVE: N/A

Timeline:


WOOT '11 Call for Papers (reminder)

attack-related research to your peers in the industry and in the
academia, act now :-)

http://www.usenix.org/events/woot11/cfp/

Progress in the field of computer security is driven by a symbiotic
relationship between our understandings of attack and of defense. The
USENIX Workshop on Offensive Technologies (WOOT) aims to bring
together researchers and practitioners in systems security to present
research advancing the understanding of attacks on operating systems,
networks, and applications.

SyScan'08 Call For Paper/Training

*SyScan’08 HONG KONG*
To address the increasing importance of information security in Hong 
Kong, SyScan will be going to Hong Kong in 2008.
SyScan’08 Hong Kong will provide an opportunity for foreign security 
specialists to be exposed to the Hong Kong security community and 
collaborate on practical solutions to computer security issues.

Date: May 29th – 30th, 2008.
Venue: To be determined.

*SyScan’08 SINGAPORE*

OSI Security: Civica Spydus Library Management System (LMS) - Cross-Site Scripting Vulnerability

12-Oct-2009 - Notified vendor. No response.
04-May-2011 - Disclosure.

About OSI Security:

OSI Security is an independent network and computer security auditing
and consulting company based in Sydney, Australia. We provide internal
and external penetration testing, vulnerability auditing and wireless
site audits, vendor product assessments, secure network design,
forensics and risk mitigation services.


PacSec CFP note, deadline Aug 3; conf Nov 9/10 Tokyo

attacks will be presented at the ninth annual PacSec conference to be 
discussed. 
 
The PacSec meeting provides an opportunity for foreign specialists to be 
exposed to Japanese innovation and markets and collaborate on practical 
solutions to computer security issues. In an informal setting with a mixture 
of material bilingually translated in both English and Japanese the eminent 
technologists can socialize and attend training sessions. 
 
Announcing the opportunity to submit papers for the PacSec 2011 network 
security training conference. The conference will be held November 9/10th in 

Squiz Matrix - Cross-Site Scripting Vulnerability

We'd like to thank Squiz for their exceptional response time in
responding to, and addressing, these issues.

About OSI Security:

OSI Security is an independent network and computer security auditing
and consulting company based in Sydney, Australia. We provide internal
and external penetration testing, vulnerability auditing and wireless
site audits, vendor product assessments, secure network design,
forensics and risk mitigation services.


OSI Security: LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability

 23-Sep-2010 - Notified vendor. Received automated support ticket.
 30-Apr-2011 - Disclosure.

About OSI Security:

 OSI Security is an independent network and computer security auditing
 and consulting company based in Sydney, Australia. We provide internal
 and external penetration testing, vulnerability auditing and wireless
 site audits, vendor product assessments, secure network design,
 forensics and risk mitigation services.


TSSA-2011-02 - Opera : SELECT SIZE Arbitrary null write

    Toucan System.


--[ About Toucan System:

    Toucan System is a French computer security company providing
    cutting edge research and security consulting to Fortune 500
    as well as smaller companies globally, thanks to a wide range
    of expertise ranging from Reverse Engineering
    and binary analysis to cryptography and Risk Management.


WOOT '11 Call for Papers

The CFP for the 5th USENIX Workshop on Offensive Technologies is now
available at:
http://www.usenix.org/events/woot11/cfp/

Progress in the field of computer security is driven by a symbiotic
relationship between our understandings of attack and of defense. The
USENIX Workshop on Offensive Technologies (WOOT) aims to bring
together researchers and practitioners in systems security to present
research advancing the understanding of attacks on operating systems,
networks, and applications.

Addendum: [TZO-17-2009]Trendmicro multiple bypass/evasions

[Snip]
I. Background
~~~~~~~~~~~~~
ESET develops software solutions that deliver instant, comprehensive protection 
against evolving computer security threats. ESET NOD32® Antivirus, is the flagship
product, consistently achieves the highest accolades in all types of 
comparative testing and is the foundational product that builds 
out the ESET product line to include ESET Smart Security.

http://www.eset.com/products/eset_performance_advantages.php

Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities

##################################################################
#
# [1]-Cross Site Scripting
#
# Vulnerability Description:
#               Cross-site scripting (XSS) is a type of computer security vulnerability typically found
#               in web applications which allow code injection by malicious web users into the web
#               pages viewed by other users.
#
# Affected items:
#          http://127.0.0.1/community/thread.php?start=[XSS] 
#          http://127.0.0.1/community/thread.php?forum=[XSS]
#          http://127.0.0.1/community/thread.php?cat=[XSS] 

Re: Five days left to find the oldest data loss incident

abacus.

On Mon, 11 May 2009 12:39:47 -0400 Dragos Ruiu <dr@kyx.net> wrote:
>On 11-May-09, at 7:29 AM, Juha-Matti Laurio wrote:
>
>> The oldest documented vulnerability in computer security world is
>> password file disclosure vulnerability from 1965, found by Mr. Ryan
>> Russell.
>>

Re: Five days left to find the oldest data loss incident

On 11-May-09, at 7:29 AM, Juha-Matti Laurio wrote:

> The oldest documented vulnerability in computer security world is  
> password file disclosure vulnerability from 1965, found by Mr. Ryan  
> Russell.
>
> Open Security Foundation launched a competition in April to find the  
> oldest documented data loss incident.
>

[TZO-09-2009] NOD32 (Eset) bypass / evasion (Limited details)

I. Background
~~~~~~~~~~~~~
ESET develops software solutions that deliver instant, comprehensive protection 
against evolving computer security threats. ESET NOD32® Antivirus, is the flagship
product, consistently achieves the highest accolades in all types of 
comparative testing and is the foundational product that builds 
out the ESET product line to include ESET Smart Security.

http://www.eset.com/products/eset_performance_advantages.php

[TZO-16-2009] Nod32 CAB bypass/evasion

I. Background
~~~~~~~~~~~~~
ESET develops software solutions that deliver instant, comprehensive protection 
against evolving computer security threats. ESET NOD32® Antivirus, is the flagship
product, consistently achieves the highest accolades in all types of 
comparative testing and is the foundational product that builds 
out the ESET product line to include ESET Smart Security.

http://www.eset.com/products/eset_performance_advantages.php

Reminder - DeepSec 2011 Call For Papers

--- U21 category:
We don't take the age so serious as it might sound but this category is
especially for young security researchers who are *not* working in a
professional sense yet, e.g. (full-time) students, or attending college,
technical school or just interested in computer security. We will also
accept submissions if you are a little bit older than 21 years.
Don't be shy if your idea is not groundbreaking or not the top
vulnerability discovered in the last 5 years. There's always room for
some extra hacking. :)
We want to encourage you to submit your *own* research.

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
