3rd CALL FOR PAPERS
IMF 2008
4th International Conference on
IT Incident Management & IT Forensics
Mannheim, Germany
September 23 - 25, 2008
http://www.imf-conference.org/
2. CALL FOR PAPERS
IMF 2009
5th International Conference
on IT Security Incident Management & IT Forensics
September 15th - 17th, 2009
Stuttgart, Germany
PAPER SUBMISSION OPEN!
Following are the latest additions to the Web Hacking Incidents Database
(WHID), a Web Application Security Consortium project. For further
information about the incidents, including references to further
information about each incident, refer to WHID's site at
http://www.webappsec.org/projects/whid/
WHID 2007-48: MSU investigating hacking incident
Reported: 17 October 2007
========================================================================
If you discovered this vulnerability while performing your standard
duties within the company, you have an obligation to your company and to
your customers to report it to the appropriate company leaders as
quickly as possible. On the assumption that you discovered the
vulnerability while performing your standard duties, you should follow
your company's formal incident response procedures. Each company should
have incident response procedures, or a whole incident response team, to
deal with these sorts of situations. If you are not sure whether your
company has incident response procedures or an incident response team,
check with the HR department (to avoid causing premature distress to the IT
department).
error messages belong to different categories such as Alerts, Startup, Operational
and Policy Errors, so I'm assuming that the OPTIONS HTTP method doesn't fit in
any of the mentioned categories, resulting in a message explaining that there's
no handler for this type of request, which discloses an internal IP address.
Cisco PSIRT (Product Security Incident Response Team) responded by saying that the
bug is triggered not only by the OPTIONS request. The internal IP address is included
in the response if ACE XML Gateway was not able to find a matching handler for the
request. Also, the PSIRT verified that a GET request, with a path for which no
handler was configured, results in the same address disclosure.
I think that you can find the information at the incident references at http://www.webappsec.org/projects/whid/byid_id_2007-60.shtml.
----Original Message----
From: Memisyazici, Aras [mailto:arasm@vt.edu]
Sent: Sunday, December 30, 2007 2:13 PM
To: Ofer Shezaf; bugtraq@securityfocus.com
Subject: RE: Latest round of web hacking incidents for 2007 & Project news
>>The researchers found that they can use Google to retrieve the hashed password of the hacker. Google has become so big that it actually allows efficient encrypted passwords lookup.
>
> -----Original Message-----
> From: "Ofer Shezaf" <ofers@Breach.com>
> To: "Bugtraq" <bugtraq@securityfocus.com>
> Sent: 12/27/07 11:01 AM
> Subject: Latest round of web hacking incidents for 2007 & Project news
>
>
> The last month was very active in the web application security field and at
> the Web Hacking Incidents Database Project we have collected numerous new
> incidents, listed below. It is very evident that both the rate of incidents
-----Original Message-----
From: "Ofer Shezaf" <ofers@Breach.com>
To: "Bugtraq" <bugtraq@securityfocus.com>
Sent: 12/27/07 11:01 AM
Subject: Latest round of web hacking incidents for 2007 & Project news
The last month was very active in the web application security field and at
the Web Hacking Incidents Database Project we have collected numerous new
incidents, listed below. It is very evident that both the rate of incidents
as well as the amount of information about each one is on the rise.
We have also started adding more classifications to each incident. In
addition to the attack method, we now track for each incident its geography,
the outcome of the attack and the industry sector it occurred in. We are
going to use this information in our first annual Web Incidents summary
CALL FOR PARTICIPATION
IMF 2008
4th International Conference on
IT Incident Management & IT Forensics
Mannheim, Germany
September 23 - 25, 2008
http://www.imf-conference.org/
CALL FOR PARTICIPATION
IMF 2009
5th International Conference
on IT Security Incident Management & IT Forensics
September 15th - 17th, 2009
Stuttgart, Germany
Early Registration Closes on September 1st!
The incidents reported on WHID (the web hacking incidents database) last
week were:
* WHID 2009-3: Google Trends Falls Victim to a Stunt
(http://whid.xiom.com/whid-2009-3)
A very good example of why insufficient anti-automation is becoming
a major threat to web applications.
* WHID 2009-4: Twitter Personal Info CSRF (http://whid.xiom.com/whid-2009-4)
Here is the latest bunch of hacking incidents added to WHID, the Web Hacking
Incident Database (http://www.webappsec.org/projects/whid)
+ A particularly juicy one was an SQL injection at the site of RIAA
(Recording Industry Association of America), one of the most hated
organizations on the planet
(http://www.webappsec.org/projects/whid/byid_id_2008-04.shtml)
+ Yet another state government site (Pennsylvania,
TZ>> 04.04.2009 - Sending another POC file (RAR)
TZ>> 06.04.2009 - POC is acknowledged and promise is made to get back
TZ>> once the material has been analysed.
TZ>> 10.04.2009 - Sending another POC file (ZIP)
TZ>> 10.04.2009 - The third person ergo the "Cyber
TZ>> Incident & Vulnerability Handling PM" is taking over coordination
TZ>> 14.04.2009 - A comment was made to my blog that indicated IBM did
TZ>> answer the Bugtraq posting and negate my findings, having
TZ>> received no response from them personally I ask
TZ>> "Dear Peter, I was referred to this url in a comment posted to my blog:
The Web Hacking Incidents Database (http://whid.webappsec.org), or WHID for
short, is a Web Application Security Consortium (http://www.webappsec.org)
project dedicated to maintaining a list of web applications related security
incidents. WHID goal is to serve as a tool for raising awareness of the web
application security problem and provide information for statistical
analysis of web applications security incidents.
To continuously learn about new incidents, subscribe to the WHID RSS at
http://whid.webappsec.org/whid/rss.
There are four technical skills required by security researchers, software quality assurance engineers, or developers concerned about security: Source code auditing, fuzzing, reverse engineering, and exploitation. All these skills and more are covered. C/C++ code has been plagued by security errors resulting from memory corruption for a long time. Problematic code is discussed and searched for in lectures and labs, with WebGoat introduced as well. Fuzzing is a topic book author DeMott knows about well. Mutation file fuzzing and framework definition construction (Sulley and Peach) are just some of the lecture and lab topics. When it comes to reversing C/C++ (Java and others are briefly discussed) IDA pro is the tool of choice. Deep usage of this tool is covered in lecture and lab. Exploitation discussions and labs are the exciting final component. You’ll enjoy exploiting BSD local programs to Vista browsers using the latest techniques.
Web and Cloud Application Security Workshop
Instructor: Andre Gironda
Includes: Printed workbook, Build/setup/use of a virtual infrastructure
This cloud-web application security workshop covers web applications in various virtual infrastructures, primarily focused on defense, compliance, and incident response. First, we'll identify applications as if they had already been attacked. Then, we'll come up with a risk management plan based on incident data, compliance/regulations, as well as data classifications. We'll look at full-knowledge verification using web server configuration and content files, in addition to runtime and source code verification. We'll go over the various implications of pen-testing cloud-web applications. This will include a thorough look at the strengths and weaknesses of web application firewalls and application hardening practices. Finally, we'll perform mock verifications and discuss partnering with application developers.
Applied Physical Security - Lockpicking and Safecracking
Instructor: datagram
Includes: 1 lockpicking kit, 1 handcuff key, 1 practice deadbolt, 1 practice padlock
This course focuses on learning and applying techniques of lockpicking, key bumping, impressioning, decoding, bypass, and safe cracking against a variety of real world locks and safes. Common lock designs are examined for various weaknesses that allow different methods of attack, some of which are extremely fast and easy to perform. High security locks will also be examined so attendees can learn to spot good locks from bad locks when shopping for access control devices.
2nd CALL FOR PARTICIPATION
IMF 2007
3rd International Conference on
IT-Incident Management & IT-Forensics
Stuttgart, Germany
September 11 - 13, 2007
http://www.imf-conference.org/
Reported By:
Apache Software Foundation
David Endler of iDefense
Ulf Harnhammar for SITIC, Swedish IT Incident Centre
Impact: A remote attacker can exploit a buffer overflow to gain
apache privileges, or cause a denial of service.
The following incidents were added to WHID last week:
* WHID 2009-19: Kaspersky site breached using SQL injection, sensitive data
(Sorry for the duplicate sending; links in the original post where broken)
Web Application penetration testing will be covered as well with focus on practical exploitation of cross-site scripting (XSS), cross-site request forgery (CSRF), local/remote file includes, and SQL Injection.
The course will come with a complementary USB Harddrive loaded with the lab Virtual Machine images for you to play with so you can continue to hone your skills and learn new techniques even after the course is finished. Attendees will walk away with a current knowledge of how to pen-test both a network and a web application, all of the basic tools needed, and a set of practice exercises that they can use to improve their skills.
CORPORATE SECURITY AND INCIDENT RESPONSE CRASH COURSE
Instructors: Gabriel Lawrence, James O'Gorman, Matthew Churchill, & datagram
Includes: USB Flash Drive, Lockpicks, Materials
This course will cover all of the behind-the-scenes things that you need to know to be an effective security administrator and/or CSO. The first day of this course will focus on the different threats and attack vectors facing your company, covering both network-based and physical attacks, ways to identify how attackers could get into your network, and the countermeasures you can take to prevent it from happening.
- Cryptographical Weaknesses
- Digital Espionage
- Digital Forensics
- eVoting
- Failure and Fixes of all kinds
- Incident Response
- Malware Research
- Messaging Technologies
- Network Protocols
- Operating Systems
- Secure Software Development
# Analysis and reverse engineering of malicious code
# Analysis of vulnerabilities, attacks and defence of networks, hardware, software
# Virtualization and operating systems security
# Web applications security and cryptography
# 3G/4G, SS7, WLAN, RFID, Bluetooth Security
# Data recovery, Forensics and Incident Response
# Physical security
# Botnets
# Security research