This is a reminder that the Call for Papers for HITBSecConf2008 -
Malaysia is closing on the 30th of June.

The HITBSecConf series is a deep-knowledge technical conference. Talks
that are more technical or that discuss new and never before seen attack
methods are of more interest than a subject that

[ more ]  [ reply ]

The codes, tools, exploits, slides and other presentation goodies from
HITBSecConf2008 - Dubai are available for download! You will also find a
'bonus download' of the live recording of DJ Negative's set from the
HITB Post Conference Party at the URL below :)

http://conference.hitb.org/hitbsecconf2

[ more ]  [ reply ]

(We've moved the conference this year to the a club
in Leicester Square in the heart of London and SoHo.
We'll be putting speakers up across the square at the
Radisson Edwardian Hampshire, but there are lots of
hotels in the region there in the center of London
for those who want to attend (the ve

[ more ]  [ reply ]

Calendar Notes:
===========

PacSec 2008 will be on November 12/13 in Tokyo at Aoyama Diamond Hall.

EUSecWest 2008 will be on May 21/22 at a fun new venue in central London.
(We cooked this schedule up so it will enable people to fly to Berlin on
the 23rd and make FX's ph-neutral on Saturday the 2

[ more ]  [ reply ]

CanSecWest 2008 Presentations

Snort 3.0 - Marty Roesch, Sourcefire

Cross-Site Scripting Vulnerabilities in Flash Authoring Tools - Rich
Cannings, Google

Proprietary RFID Systems - Jan "starbug" Krissler and Karsten Nohl, CCC

Media Frenzy: Finding Bugs in Windows Media Software - Mark Dowd and

[ more ]  [ reply ]

The videos from Hack In The Box Security Conference 2007 Malaysia is now
available for download! The files were created in Quicktime, however if
you're having trouble playing them on your platform, please ensure you
have the latest 3IVX codec installed.

Time to fire up your favorite Bit Torrent

[ more ]  [ reply ]

So I was searching for information security providers and I came across one that seems fairly interesting. The name of the company is Datahack Technologies. It seems that they are a rather new company, but they make some very large claims. In one part of their site they state that they are leaders

[ more ]  [ reply ]

I'd like to congratulate Adam Laurie for winning the second Powerbook
from the Pwn_to_Own contest as the prize for the best speaker rated
by the audience for his presentation on RFID at CanSecWest 2007.
We will have a similar prize for the best speaker at CanSecWest 2008,
prize TBD (but we promise i

[ more ]  [ reply ]

The CFP for HITBSecConf2008 - Dubai is now open.

Our 2008 event is expected to attract over 300 attendees from around the
EMEA region and will see keynote speakers Bruce Schneier (Founder and
CTO, BT Counterpane) and Jeremiah Grossman (Founder and CTO, White Hat
Security). The event is supported an

[ more ]  [ reply ]

Hello,

Many thanks to everyone for your time and advice. Some replies were
sent directly to me therefore I will try to summarise and make a
single reply here.

So far, the advice given was:
Ban IPs, regions etc.
Allow only member IPs
Forensic logging etc.
Contact hosting company
Contact Authoriti

[ more ]  [ reply ]

I have a small, members only forum with about 150 members. It is
hosted on a third party server. A few days ago I received an email
demanding $500 to be paid into an e-gold account, otherwise attacks
would start. I did not reply and last 3 days my domain/forum has
been under DDoS attack. Attacks

[ more ]  [ reply ]

Folks

Do we really have to modify an already lousy description?

"Social Engineering" is yet another example of the IT community bastardising
established terms used perfectly well for decades in other disciplines (eg
pyschology,sociology and political science), and in doing so confusing the
meani

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[MODERATOR COMMENT: Below is a message originally posted by
Christopher Meyer. I 'accept'ed it a while back but apparently
something went wrong and it never appeared on the list. So I'm
reposting it on his behalf, hopefully it works this time.]

======

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Forwarded message from Kelly Martin <kel (at) securityfocus (dot) com [email concealed]>

The following front page column was published on SecurityFocus
recently:

Blanket Discovery for Stolen Laptops
by Mark Rasch
published 2007-03-12

Mark Rasch discusses the legal issues behind

[ more ]  [ reply ]

Does anyone know of any real life cases involving reverse social
engineering that have been made public?

I'm working on a paper, and would like to include one, but I can't
find anything credible I can use as a reference.

Thanks,
Mike

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

***Forwarded message from Kelly Martin <kel (at) securityfocus (dot) com [email concealed]>***

The following column was published on SecurityFocus today:

Laptop Losses and Phishing Fruit Salad
by Dr. Neal Krawetz
published 2007-02-15

Dr. Neal Krawetz takes a look at the numbers

[ more ]  [ reply ]

I just saw this story which is pretty interesting
http://www.eweek.com/article2/0,1759,1888714,00.asp?kc=EWRSS03119TX1K000
0594

Aaron

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----- Forwarded message from Kelly Martin <kel (at) securityfocus (dot) com [email concealed]> --
- ---
The following front page column was published on SecurityFocus
today:

Mouse-Trapped
by Mark Rasch
published 2007-02-12

Substitute teacher Julie Amero faces up to 40 years in

[ more ]  [ reply ]