Marc Casas Guix | 2 Feb 17:44

Call for Papers: SLAML 2011

_Managing Large-Scale Systems via the Analysis of System Logs and the 
Application of Machine Learning Techniques (SLAML 2011)_

At the ACM Symposium on Operating Systems Principles

October 23-26, 2011

Cascais, Portugal

  Important Dates

    * Full paper submission due: Friday, June 17th, 2011
    * Notification of acceptance: Friday, July 15th, 2011
    * Final papers due: Friday, August 12th, 2011

  Overview

Modern large-scale systems are challenging to manage. Fortunately, as 
these systems generate massive amounts of performance and diagnostic 
data, there is an opportunity to make system administration and 
development simpler via automated techniques to extract actionable 
information from the data. This workshop addresses this problem in two 

Dragos Ruiu | 13 Jan 12:41

Final Penultimate last Call for Papers for CanSecWest 2011 (deadline Jan. 17th, conf March 9-11)

"First they ignore you, then they ridicule you, 
then they fight you, then you win." -- Mahatma Gandhi.

Well if Fox's new comedy show "Breaking In" is any
indication, infosec has now entered Gandhi's second 
stage. http://goo.gl/ZpLDp [youtube] (hat tip to Adam 
O'Donnell for this humorous find, and Sam Bowne for 
the quote/quip)

But on a slightly more serious note.

CanSecWest is nearing in the second week of March, and 
this year I've waited on sending out the CFP note/reminder. 
It's been up on the site for a while with a Dec 29 deadline, 
but this is the real last call for submissions. If you don't get 
them in by this weekend they won't make the selections 
review process next week. We'll try to announce the 
selections the week following. After 11 years, most 
of you should know the drill, but for those who haven't 
submitted or attended before, the fine print and usual 
further information is attached below.

Other info:

We are doing more dojo training courses  than ever this 
year (17!) and they will be up for registration next week. 
I've also confirmed with Aaron/TippingPoint/HP that we 
will again be holding PWN2OWN with both browser and 
mobile targets, so stand by for some announcements 
there. There will also be some other new experiments 

[Tool] The 'Snort like' log monitoring system == Sagan


Sagan release version 0.1.0
http://sagan.softwink.com
Written by Champ Clark (AKA 'Da Beave') and the Softwink, Inc team
Date: 06/24/2010

Softwink announces the release of Sagan, a real time log monitoring
system.

Sagan is a multi-threaded, real time system- and event-log monitoring system,
but with a twist. Sagan uses a "Snort" like rule set for detecting "bad 
things" happening on your network and/or computer systems. If Sagan detects 
a "bad thing" happening, that event can be stored to a Snort database
(MySQL/PostgreSQL) and Sagan will correlate the event with your
Snort Intrusion Detection/Intrusion Prevention (IDS/IPS) system.  Sagan 
is meant to be used in a 'centralized' logging environment,  but will 
work fine as part of a standalone Host IDS system for workstations.

Sagan is fast:  Sagan is written in C and is a multi-threaded application. 
Sagan is threaded to prevent blocking Input/Output (I/O). For example, 
data processing doesn't stop when an SQL query is needed.  It is also meant
to be as efficient as possible in terms of memory and CPU usage. 

Sagan uses a "Snort" like rule set: If you're a user of "Snort" and
understand Snort rule sets, then you already understand Sagan rule sets.
Essentially, Sagan is compatible with Snort rule management utilities, like 
"oinkmaster" for example.

Sagan can log to Snort databases: Sagan will operate as a separate "sensor"
ID to a Snort database. This means that your IDS/IPS events from Snort will

Dragos Ruiu | 27 May 16:01

EUSecWest 2010 MiniCFP (conf Jun 16/17) and PacSec 2010 CFP (conf Nov 10/11, deadline July 30)

EUSecWest 2010 MiniCFP (PacSec CFP Follows)

One of our presenters was unable to get corporate approval for his 
travel and cancelled out. As such we are opening up one or two 
available slots for last minute submissions. We are also offering
a referral bounty of a free conference registration for high quality
replacement papers on short notice. (The Conference is on June 16/17
at the Melkweg in Amsterdam.) Please forward submissions to
secwest10 [at] eusecwest.com, and please include the name of
the referrer for the bounty award.

The current confirmed speakers for EUSecWest are:

Special party (16th) musical guests: Plump DJs (others TBA)

   Legic Prime: Obscurity in Depth
   Karsten Nohl & Hendryk Plötz, Security Research Labs

   Having fun with Apple's IOKit
   Ilja Van Sprundel, IOActive

   Escaping the Sandbox
   Stephen Ridley, Matasano

   Milking a horse or executing remote code in modern Java web frameworks
   Meder Kydryraliev, Google

   Hacking Printers for fun and profit
   Andrei Constin


Dragos Ruiu | 30 Apr 08:50

EUSecWest Amsterdam 2010 Call For Papers (short deadline May 5 - conf June 16/17)

EUSecWest CALL FOR PAPERS

   AMSTERDAM, Nederland -- The sixth annual EUSecWest applied technical
   security conference - where the eminent figures in the international
   security industry will get together to share best practices and technology
   - will be held in downtown Amsterdam at the Melkweg Multimedia
   Center near Leidseplein on June 16/17, 2010. The most significant new
   discoveries about computer network hack attacks and defenses,
   commercial security solutions, and pragmatic real world security
   experience will be presented in a series of informative tutorials.

   The EUSecWest meeting provides international researchers a relaxed,
   comfortable environment to learn from informative tutorials on key
   developments in security technology, and collaborate and socialize with
   their peers in one of the world's most scenic cities - a short walk
   away from several large hotels and the Leidseplein entertainment and
   shopping district, conveniently close to many famous museums,
   convenient transport, Vondel Park, and a plentitude of restaurants and
   bars.

   This year the first evening party will feature a special musical guest
   star. We will announce the performer(s) shortly.

   The EUSecWest conference will also feature the availability of the
   Security Masters Dojo expert network security sensei instructors, and
   their advanced, and intermediate, hands-on training courses - featuring
   small class sizes and practical application exercises to maximize
   information transfer.

   We would like to announce the opportunity to submit papers, and/or

Core Security | 21 Nov 01:07

Replicating the Gonzalez Cyber Attacks through Penetration Testing

--------------------------------------------------------------------------------
YOU'RE INVITED: IT SECURITY ON DEMAND WEBCAST

"Replicating the Gonzalez Cyber Attacks through Penetration Testing"
Register: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez
---------------------------------------------------------------------------------

Recently, we saw the indictment of cybercrime kingpin Albert Gonzalez, one of the accused masterminds
behind high-profile data breaches at Heartland Payment Systems, Hannaford Bros. Supermarkets,
7-Eleven, and TJX. Next week, Core Security Technologies will present a hands-on look at the attacks
Gonzalez and his co-conspirators are believed to have used in breaching these organizations.

Leveraging the actual indictment document as a guide, Core Security senior product manager Alex Horan
will use CORE IMPACT Pro penetration testing software to demonstrate the techniques by which Gonzalez
allegedly stole millions of credit card numbers* - showing you how to identify IT exposures in your own
environment before cybercriminals do.

> Register here: http://www.coresecurity.com/Form/generic/campaign/SecurityFocusGonzalez

During the webcast, you'll see a step-by-step depiction of an attack similar to that described in the
Gonzalez indictment, including the following critical stages:

*  the initial web application compromise via SQL Injection
*  the use of a well-known backend database command to make the attacks even
   more invasive
*  the planting of malware on the backend database server
*  the collection and transmission of credit card transactions to the
   attackers

Through the demonstration, you'll also learn how commercial-grade penetration testing software

Tommaso Cucinotta | 28 Oct 08:24

Smart-Card Open Test Toolkit

Hi all,

I would like to announce the availability of SCOTT, an open, modular and
extensible smart-card shell, which can be used for interacting with
smart-card devices, i.e., browsing its contents or also using the
on-board capabilities, as well as for automating such smart-card
operations by means of scripts. The envisioned usage scenario is around
automated smart-card configuration like needed during the development of
smart-card based applications, where one may have to repeatedly perform
a set of operations onto a smart-card, usually for testing purposes. For
example, "formatting" a card and loading some certificates and keys, or
loading some (updated version of a) JavaCard Applet. This is the
motivation for the project name: Smart-Card Open Test Toolkit.

The idea is to have a basic core constituted by a command-line
interactive shell, where external plugins define sets of commands which
can be:
-) commands related to some particular smart-card API, like the "system"
scott-pcsc plug-in, which provides shell commands for listing available
readers, checking status, connecting to the inserted device and sending
generic APDUs;
-) commands corresponding to a set of command APDUs defined by some
specific standard, like the scott-iso7816 plug-in, currently supporting
ISO 7816-4 file management commands
-) commands corresponding to the specific set of APDUs supported by a
particular smart-card device, like the scott-cryptoflex8 plug-in,
currently supporting specific capabilities of the Schlumberger
Cryptoflex 8K device.

Other plugins which may come in the future could be for supporting

Vivek Ramachandran | 10 Sep 06:45

SecurityTubeCon CFP, Venue: Cyberspace!

Dear All,

SecurityTube.net is pleased to announce the CFP for SecurityTubeCon, the 
first hacker conference, to be held completely online!

SecurityTubeCon is aimed at democratizing hacker conferences by allowing 
any researcher, regardless of his physical location, to share his work 
with the community. Unlike other Cons we will not *accept / reject* 
speakers. If you have something interesting to share, you WILL be heard. 
The idea behind SecurityTubeCon is not to pass judgments on your work, 
instead, it aims at providing a platform for knowledge exchange.

Once speakers send in their talk abstracts, we will put it online for 
the community members to decide which talks they want to attend. On the 
day of the conference, speakers will broadcast their talks using 
screencasting software and the interested participants will tune in. The 
participants will use IRC / chat rooms to ask questions to the speakers 
during the talks.

What else is unique about SecurityTubeCon?

a. This conference will be held completely online!
b. Location No Barrier - speak / attend SecurityTubeCon from your bedroom :)
c. Language No Barrier - though we would recommend English as the 
preferred language so you can address a global audience, feel free to 
speak in the language you are most comfortable with
d. $0 is the conference registration fees - absolutely free

For the CFP and other details please visit the conference site at 
http://www.securitytubecon.org


CHASE - 2009 Lahore Pakistan | Call for Papers


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----------------------------------------------------------

	      C  H  A  S  E  -  2  0  0  9 
			Lahore
		  November 06-10 2009

		http://www.chase.org.pk/

- ----------------------------------------------------------

Registration fee for the first day is only Rs. 700/- which
includes lunch, teas and conference material.

A training tool kit of open source software comprising of
a 500 pages book and 9 CDs would be provided FREE OF COST
to the participants of the event.

Limited travel funds are available for speakers coming
outside of Pakistan.

Completely FREE boarding and lodging for all the 
international participants of the event. 

- ----------------------------------------------------------

CHASE is a unique information and network security event 

Dragos Ruiu | 7 May 00:28

EUSecWest 2009 (May27/28) London Agenda and PacSec 2009 (Nov 4/5) Tokyo CFP deadline: June 1 2009

EUSecWest 2009 Speakers

Efficient UAK Recovery attacks against DECT 
	- Ralf-Philipp Weinmann,  University of Luxembourg
A year in the life of an Adobe Flash security researcher 
	- Peleus  Uhley, Adobe
Pwning your grandmother's iPhone 
	- Charley Miller, Independent Security Evaluators
Post exploitation techniques on OSX and Iphone and other TBA matters.
	- Vincent Iozzo, Zynamics
STOP!! Objective-C Run-TIME.
	- nemo
Exploiting Delphi/Pascal 
	- Ilja Van Sprundel, IOActive
PCI bus based operating system attack and protections 
	- Christophe  Devine & Guillaume Vissian, Thales
Thoughts about Trusted Computing 
	- Joanna Rutkowska, Invisible Things Lab
Nice NIC you got there... does it come with an SSH daemon? 
	- Arrigo Trulzi
Evolving Microsoft Exploit Mitigations 
	- Tim Burrell & Peter Beck,  Microsoft
Malware Case Study: the ZeuS evolution 
	- Vicente Diaz, S21Sec
Writing better XSS payloads 
	- Alex Kouzemtchenko, SIFT
Exploiting Firefox Extensions 
	- Roberto Suggi Liverani & Nick Freeman,  Security-Assessment.com
Stored Value Gift Cards, Magstripes Revisited 
	- Adrian Pastor,  Gnucitizen, Corsaire

Giuseppe Cocomazzi | 24 Apr 00:13

curuncula dbr rootkit detection tool

Hi,
I've released a little program named Curuncula.
Curuncula is a tool shipped as a loadable kernel module that aims to
detect rootkits based on the Intel debugging support facilities.
Rootkits that set the GD access flag are also detected. It makes use of
the "last branch recording" mechanism provided by the Intel
architecture. Supports both the 2.4 and 2.6 Linux kernels.
Complete source code can be found here:
http://packetstormsecurity.org/UNIX/audit/curuncula.tgz

I hope you find it useful.
Regards,
Giuseppe Cocomazzi

--

-- 
every day above ground is a good one.

