Chaordic Thought & Design
Expanding the spectrum of conversation one mind opening experience at a time.


http://www.securitybsides.com/BSidesLasVegas

Ryan Linn
Cain BeEF Hash: Snagging Passwords without Popping Boxes
Direct download: RyanLinnCainBeEFHash.mp3
Category:podcasts -- posted at: 6:14 AM

http://www.securitybsides.com/BSidesLasVegas

Mike Kershaw (drag0rn)
Author of Kismet will talk about msf/lorcon/wifi pwnage & blind/semi-blind http ownage
Direct download: MikeKershaw.mp3
Category:podcasts -- posted at: 6:11 AM

http://www.securitybsides.com/BSidesLasVegas

Name: Jonathan Cran, http://www.rapid7.com / http://www.0x0e.org

Abstract: Penetration testing may be a loaded term, but what remains consistent is the need to gather large sets of data and analyze them. Regardless of whether you've worked on a globally distributed red team or you're pentesting your own company, it's easy to understand the need for good process tools for penetration testing. This talk will demonstrate tactics, techniques and tools (some old, some new) that can be utilized in pentesting, collaborative or not. These will allow you to focus on the technical aspects of security testing, and give you "free" updates, reports and collaboration. Explanations and examples of real-world usage will be given, and you'll walk away with a set of tools that will allow you to participate in a world-class red team.
Direct download: JonathanCranOrganizingNinjas.mp3
Category:podcasts -- posted at: 6:07 AM

http://www.securitybsides.com/BSidesLasVegas

Name: Alex Hutton (@alexhutton) & David Mortman (@mortman): http://www.newschoolsecurity.com

Abstract: We're really freaking tired of people who insist that information security & risk management remain a cargo cult.  So this discussion will center on what we need to do to escape ignorance:  that which we need to understand, how we should go about attempting to understand it, and how we can share our knowledge to ultimately do a better job.
Direct download: HuttonMortmanRiskMgmt.mp3
Category:podcasts -- posted at: 6:04 AM

http://www.securitybsides.com/BSidesLasVegas


HD Moore
Author of Metasploit will talk about WarVOX
Direct download: HDMooreWarVOX.mp3
Category:podcasts -- posted at: 6:00 AM

http://www.securitybsides.com/BSidesLasVegas

Greg Martin - Exploiting Botnets for Profit and Fun
Direct download: GregMartinBotnetFun.mp3
Category:podcasts -- posted at: 5:56 AM

http://www.securitybsides.com/BSidesLasVegas

Moderator: Erin Jacobs http://www.secsocial.com

Abstract: Spun from the controversy over the Sec-xy Pillow Fight ( http://www.secpillowfight.com ) imagery, a group of women panelists shall assemble to discuss views on professional image and gender issues for females in the security industry.
Direct download: GenderIssuesPanel.mp3
Category:podcasts -- posted at: 5:53 AM

http://www.securitybsides.com/BSidesLasVegas

Name: Marisa Fagan (marisa@erratasec.com, Twitter: @errata); Elizabeth Wharton (elizabeth@erratasec.com, Twitter: @LawyerLiz)

Abstract: Everyone has a few skeletons in their closet: old relationships, former co-workers/employees, business rivals, and nosy neighbors they would like to forget. While breaking up is hard to do, what happens when one of these skeletons has a bone to pick with you or your company? Because of their proximity, certain people have unique access to personal information that can be used to compromise your online identity. As business continues to expand into the social media arena, and vice-versa, the potential reputation and monetary damage to your online identity becomes magnified.  Current ID Theft attack tree models fail to acknowledge this threat and legal protections are slow to respond. This talk will address current vulnerability and legal trends as well as give you the power through tips, tricks, and techniques to put the skeletons back in the closet.
Direct download: FaganWhartonIDTheft.mp3
Category:podcasts -- posted at: 5:50 AM

http://www.securitybsides.com/BSidesLasVegasTalks

Name: David Rook, http://www.securityninja.co.uk

Abstract: The common approach towards secure development education is to discuss a small set of common vulnerabilities instead of telling developers how to develop securely. We don't teach people to drive by giving learner drivers a list of the common ways to crash so why do we do this with developers? This presentation will discuss a small set of secure development principles that developers can follow without having to know the intricate details of any web application vulnerability. "Teach a developer about a vulnerability and he will prevent it, teach him how to develop securely and he will prevent many vulnerabilities".
Direct download: DavidRookSecureDevelopment.mp3
Category:podcasts -- posted at: 5:46 AM

http://www.securitybsides.com/BSidesLasVegas

Name: Damon Cortesi @dacort http://alchemysecurity.com/

Abstract: Discussion of the inherent lack of security on social networks such as Twitter, and the challenges of organizations in the web 2.0 space to build and maintain a secure web application. Damon will take a look at a few startups from the past year and examine the different types of failure they have experienced from a security perspective. The inherent risks of communication via social networks will also be discussed. Whether it's malware propagation or a lack of fine-grained access controls, your data is at risk no matter how hard you may try to protect it.
Direct download: CortesiSocialNetworking.mp3
Category:podcasts -- posted at: 5:26 AM

http://www.securitybsides.com/BSidesLasVegas

Luis Corrons @luis_corrons http://pandalabs.pandasecurity.com/

Back in October 2008 PandaLabs published findings from a comprehensive study on the rogueware economy which concluded that the cybercriminals behind fake antivirus software applications were generating upwards of $15 million per month. This session will showcase findings from a new PandaLabs report that examines the evolution of the rogue antivirus economy and the increasingly sophisticated social engineering techniques deployed by cybercriminals to generate even greater returns, including the rise of Twitter trending malware and Blackhat SEO campaigns. Participants will also gain visibility into the current economics of rogueware, with previously unpublished findings that reveal hard dollar figures, corrupt affiliate systems, and free hosting services. Finally, the session will share PandaLabs’ recent findings and analysis on the different social network distribution methods (e.g. Digg, Facebook, MySpace, Twitter, etc.) and uncover the unique vulnerabilities of each platform.
Direct download: CorronsCorrellRogueAntivirus.mp3
Category:podcasts -- posted at: 5:17 AM