Aditya Gupta | 3 Oct 17:09 2014
Picon

Advanced Android & iOS Hands-on Exploitation Training at Toorcon San Diego

Hello everyone,

I'm Aditya from Attify. I'm glad to announce that, I'll be running a
2-day class on Android,
iOS and ARM Hands-on Exploitation at Toorcon 2014 in San Diego this
October. The training will focus on a hands-on approach to find vulns
and exploit them on mobile applications as well as the platform as
well.

All the exercises will be performed on a customised Mobile
Exploitation training distro and on a set of vulnerable labs built for
Toorcon class. The labs
contains of over 25+ challenges over a span of 2 days along with 2
final CTF competition.

 The goal of the class is to take the students from a ground level to
upwards of you being able to find and exploit vulnerabilities in any real world
application. Some of the topics that will be covered are :

 [+] Internals of Android and iOS Security architecture
 [+] Finding application based vulnerabilities
 [+] OWASP Mobile Top 10 and lesser known vulns
 [+] Exploiting Platform based weaknesses
 [+] Assessing security of native apps
 [+] Breaking obfuscation for mobile apps
 [+] Security weaknesses in BYOD/MDM solutions
 [+] Dex and Smali Labs for Android
 [+] ARM Exploitation on Real world scenarios

 Attendees will also be receiving :
(Continue reading)

Monnappa KA | 29 Sep 13:29 2014
Picon

SecurityXploded 2nd Quarterly Meet Presentations and Video demos

Hi All,

The presentations and video demos from our recently concluded Second
‘SecurityXploded Quarterly Meet’ is now online. Thanks to all people
who took time out of their busy schedule and attended the meet.
Special thanks to ThoughtWorks for providing us with the venue.

Link to the presentations
http://securitytrainings.net/securityxploded-2nd-quarterly-meet-27th-sep-2014/

Thanks,
Monnappa

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL
works, how it benefits your company and how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout,
best practices for set-up are highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Monnappa KA | 23 Sep 16:01 2014
Picon

Upcoming SecurityXploded Meet - 27th September, Bangalore, India

Hi All,

Friendly Reminder,

Upcoming SecurityXploded community meet on 27th
September 2014 in Bangalore, India. This meet is completely free and
doesn’t require any registration or any other formalities to attend.
The meet will start at 10 AM IST.

After the meet, we will upload the presentations/videos for our online
users to our website.

Talks:

10:00-10:30 – Introduction – SecurityXploded Team
10:30-11:15 – Dissecting BetaBot – Raghav Pande
11:15-12:15 – Analysis and Decrypting the Communications of APT
Malware – Monnappa KA
12:15 – 12:45 – New Project Announcement – SecurityXploded Team
12:45 – 1:00 – Feedback and Discussions

Venue:

ThoughtWorks, Ground Floor, ACR Mansion,

147/f, 8th Main Road, 3rd Block, Koramangala,

Bangalore – 560034

LandMark: Next to Sathya’s Bar and Mercure Hotel.
(Continue reading)

jackie | 11 Sep 16:40 2014

Deadline Approaching: InfoSec2014 - Information Security and Cyber Forensics - Malaysia

The International Conference on Information Security and Cyber Forensics 
(InfoSec2014)

Universiti Sultan Zainal Abidin (UniSZA), Kuala Terengganu, Malaysia
October 8-10, 2014 | infosec <at> sdiwc.net
http://sdiwc.net/conferences/2014/infosec2014/

All registered papers will be included in the publisher's Digital 
Library.
================================================================

The conference aims to enable researchers build connections between 
different digital applications. The event will be held over three days, 
with presentations delivered by researchers from the international 
community, including presentations from keynote speakers and 
state-of-the-art lectures.

TOPICS ARE NOT LIMITED TO:

:: Cyber Security
:: Distributed and Pervasive Systems Security
:: Formal Methods Application in Security
:: Incident Handling and Penetration Testing
:: Multimedia and Document Security
:: Privacy issues
:: Secure Software Development, Architecture and Outsourcing
:: Security in Cloud Computing
:: Security of Web-based Applications and Services
:: VOIP, Wireless and Telecommunications Network Security
:: Enterprise Systems Security
(Continue reading)

jackie | 27 Aug 10:42 2014

Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30)

ICETC2014: International Conference on Education Technologies and 
Computers

Technically co-sponsored by IEEE Poland Section
Lodz University of Technology, Lodz, Poland
September 22-24, 2014
http://goo.gl/axpR5f

The International Conference on Education Technologies and Computers 
(ICETC2014) will be held at Lodz University of Technology, Lodz, Poland 
on September 22-24, 2014. The event will be held over three days, with 
presentations delivered by researchers from the international community, 
including presentations from keynote speakers and state-of-the-art 
lectures.

The conference welcomes papers on the following (but not limited to) 
research topics:

- AV-Communication and Multimedia
- Assessment Software Tools
- Authoring Tools and Content Development
- Assessment Methods in Blended Learning Environments
- Assessment and Accreditation of Courses and Institutions
- Blended Learning
- Collaborative Learning
- Context Dependent Learning
- Course Design and E-Learning Curriculae
- Computer-Aided Assessment
- Cooperation with Industry in Teaching
- Critical Success Factors in Distance Learning
(Continue reading)

Patrick Webster | 26 Aug 08:49 2014

Test anti-malware website

Hi list,

Some time ago I was faced with the task of testing a newly deployed
anti-malware solution for a corporate enterprise with 20,000+
desktops.

We wanted to check whether overtly malicious content would reach the
desktop browser. If it was detected and blocked, where? (e.g. ISA
proxies, URL content filters, SSL inspection, IDS/IPS, firewall HTTP
inspection policy, web inline antivirus, IE/firefox/chrome blacklists
or desktop antivirus).

Rather than testing a live malware infected website, we created
http://www.wicar.org/ to remove the uncertainty in the event none of
the implemented security controls had prevented the [unknown] payload
reaching the desktop.

There is a mailing list
(https://groups.google.com/forum/#!forum/wicar) and git
(https://github.com/wicar) if anyone wishes to contribute.

-Patrick

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL
works, how it benefits your company and how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout,
best practices for set-up are highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.
(Continue reading)

Monnappa KA | 23 Aug 14:36 2014
Picon

SecurityXploded Meet - 27th September, Bangalore, India

Hi All,

This is an announcement for the SecurityXploded community meet on 27th
September 2014 in Bangalore, India. This meet is completely free and
doesn’t require any registration or any other formalities to attend.
The meet will start at 10 AM IST.

After the meet, we will upload the presentations/videos for our online
users to our website.

Talks:

10:00-10:30 – Introduction – SecurityXploded Team
10:30-11:15 – Dissecting BetaBot – Raghav Pande
11:15-12:15 – Analysis and Decrypting the Communications of APT
Malware – Monnappa KA
12:15 – 12:45 – New Project Announcement – SecurityXploded Team
12:45 – 1:00 – Feedback and Discussions

Venue:

ThoughtWorks, Ground Floor, ACR Mansion,

147/f, 8th Main Road, 3rd Block, Koramangala,

Bangalore – 560034

LandMark: Next to Sathya’s Bar and Mercure Hotel.

Contact Details:
(Continue reading)

h1kari | 20 Aug 23:59 2014

ToorCon 16 Call For Papers!

TOORCON 16 CALL FOR PAPERS

It's that time of year again! ToorCon 16 is coming so get your code finished and submit a talk this time
around. We're letting you decide if you want to be a part of our 50-minute talks on Saturday, 20-minute
talks on Sunday, and 75-minute talks for our Deep Knowledge Seminars on Friday depending on how much time
you need to present your new ideas and techniques. We evaluate our submissions in the order that they're
received so submit your talk before time runs out!

CFP SUBMISSION INFORMATION

Please submit your CFP info at http://sandiego.toorcon.net/cfp

DISCLAIMERS

Please no vendor pitches or talks on old subjects. We try to keep ToorCon highly technical so please only
submit talks on original research that isn't more than 12 months old. Talks that are submitted for a
50-minute or 75-minute slot may be asked to be reduced to 20-minutes if space on the lineup is limited. You
must notify ToorCon if you are in any way unable to make it to your talk after being accepted.

REASONS TO SUBMIT

- The honor and prestige of knowing you've made your contribution to hacker society
- A free ticket for yourself and a friend
- Invitations to all of the parties and special events
- Free admission to the Friday seminars (as space is available)
- Compensation is provided to 2-day workshop trainers, please email for details

SPONSORSHIP

ToorCon offers many sponsorship opportunities and provides exposure to many of the top minds and decision
(Continue reading)

jackie | 20 Aug 10:33 2014

ICETC2014 - IEEE Extended Submission until Aug. 28, 2014

		   Apologies for cross-posting.
          Kindly forward to those who may be of interest.
=======================================================================
  International Conference on Education Technologies and Computers
			   (ICETC2014)
	  Lodz University of Technology, Lodz, Poland
	 	     September 22-24, 2014

	  http://sdiwc.net/conferences/2014/icetc2014

The conference is technically co-sponsored by IEEE Poland Section. All
registered papers will be submitted to IEEE for potential inclusion
to IEEE Xplore as well as other Abstracting and Indexing (A&I) 
databases.

Paper submission has been extended until August 28, 2014. For more 
details
and updates please visit the conference website or email us at 
icetc <at> sdiwc.net
=======================================================================
** T H A N K  Y O U  A N D  H O P E  T O  S E E  Y O U  T H E R E **

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL
works, how it benefits your company and how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout,
best practices for set-up are highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.

(Continue reading)

arjun | 16 Jul 09:27 2014

Hashes/encoded for a string input

Greetings!

Is there any convenient way to compute different hash values / encoded 
strings for a string?
Or a bash/python/perl script that could facilitate same?

 <at> 

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL
works, how it benefits your company and how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout,
best practices for set-up are highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

cfp | 15 Jul 07:16 2014
Picon

Ruxcon 2014 Final Call For Presentations

______________________________________________________________ _._) (_._ | .%$$% .. | ' __________. ._____ ________.&&$ '$$%$.__________ ' ._\ /___.___\ \_____/ ____/$ &&$\ /_ -:-\ \_____\ | /____/ /________\'$#%. .$&&'/____/ /-:- /____/ \________/ \____\ ' %$$$%' /_____/ . www.ruxcon.org.au . _|_ _|_ '(______________________________________________________________)'
Introduction

The Ruxcon team is pleased to announce the Final Call For Presentations for Ruxcon 2014.

This year the conference will take place over the weekend of the 11th and 12th of October at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the 15th of September, 2014.

About Ruxcon

Ruxcon is the premier technical computer security conference in Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations.

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

Important Dates

  • September 15 - Call For Presentations Close
  • October 6-7 - Ruxcon/Breakpoint Training
  • October 8-9 - Breakpoint Conference
  • October 11-12 - Ruxcon Conference

Topic Scope

Topics of interest include, but are not limited to:

  • Mobile Device Security
  • Virtualization, Hypervisor, and Cloud Security
  • Malware Analysis
  • Reverse Engineering
  • Exploitation Techniques
  • Rootkit Development
  • Code Analysis
  • Forensics and Anti-Forensics
  • Embedded Device Security
  • Web Application Security
  • Network Traffic Analysis
  • Wireless Network Security
  • Cryptography and Cryptanalysis
  • Social Engineering
  • Law Enforcement Activities
  • Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc)
Submission Guidelines

In order for us to process your submission we require the following information:

1. Presentation title
2. Detailed summary of your presentation material
3. Name/Nickname
4. Mobile phone number
5. Brief personal biography
6. Description of any demonstrations involved in the presentation
7. Information on where the presentation material has or will be presented before Ruxcon

As a general guideline, Ruxcon presentations are between 45 and 60 minutes, including question time.

Please note that Ruxcon isn't able to cover any travel expenses for speakers. Speakers in the past have had success in having their employer cover conference related expenses. Our other conference Breakpoint does cover travel expenses and runs 3 days before Ruxcon.

If you have any enquiries about submissions, or would like to make a submission, please send an email to presentations <at> ruxcon.org.au

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL
works, how it benefits your company and how your customers can tell if a site is secure. You will find out how
to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout,
best practices for set-up are highlighted to help you ensure efficient ongoing management of your
encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Gmane