CanSecWest 2008 Presentations

Snort 3.0 - Marty Roesch, Sourcefire

Cross-Site Scripting Vulnerabilities in Flash Authoring Tools - Rich
Cannings, Google

Proprietary RFID Systems - Jan "starbug" Krissler and Karsten Nohl, CCC

Media Frenzy: Finding Bugs in Windows Media Software - Mark Dowd and

[ more ]  [ reply ]

Dear Information Security Freaks,

This is to announce that the line-up of the speakers and their subjects
is finally up in a draft version on hack.lu 2007 (http://www.hack.lu/).

Have a look and register as space is limited and prices go up progressively.

We managed again to have speakers from all

[ more ]  [ reply ]

Hi folks,

Few months ago I have been analyzing some companies that offers its services fighting phishing websites that affect to your company. One of them is Hispasec, Hispasec is a company from Spain that has been doing a great work in these terms.

Now, my question is, what actions take those

[ more ]  [ reply ]

Thanks for your help everyone. The site was taken down by yahoo
yesterday evening.

- Ryan

On 7/13/07, Ryan Greenier <rgreenier (at) gmail (dot) com [email concealed]> wrote:
> Anyone have any good contacts for Yahoo to get a phishing site taken down?
> Apparently someone stole a credit card, registered a domain name & bought

[ more ]  [ reply ]

Anyone have any good contacts for Yahoo to get a phishing site taken
down? Apparently someone stole a credit card, registered a domain name
& bought some space on a Yahoo web server in appearance of one of my
company's clients. Nothing out of the ordinary, but what is out of the
ordinary for me is t

[ more ]  [ reply ]

+++ Apologies for multiple postings +++

************************************************************************
**

3rd European Conference on Computer Network Defence (EC2ND)
4-5 October 2007, Aldemar Royal Mare Village, Hersonissos, Crete, Greece
http://2007.ec2nd.org/

Call for Papers
----------

[ more ]  [ reply ]

Hello all,

I am trying to filter "spam"/fake emails populating my distribution
lists, I currently do not have a spam filter. I was wondering if a spam
filter would do justice or do I have to continue manually filtering fake
emails. The emails look very legit however some of the wordage is off
and t

[ more ]  [ reply ]

To add to this, this would still be very little, and in most cases,
limited information since most phishers/ scammers, etc. host the scams
on similar sounding subdomains at best.

It would still be interesting, if the information that can be gathered
from this (like owner name patterns, etc) can be

[ more ]  [ reply ]

Hi,

I have two questions on domain name registrations

1. Is there a free online service where I can get alerted if somebody
registers a top level domain similar to my bank's URL ?

2. How do you tackle this problem of spoofed domain name
registrations. Should you go ahead and buy all domains which

[ more ]  [ reply ]

Hi all,

Just posted a new writeup on my blog, http://phishtrails.blogspot.com/, titled "Mining Web Server Logs".

This time results from an actual phishing incident analysis, where we analyzed the web server referer logs and the application audit trails to identify the location of the phisher (not

[ more ]  [ reply ]

This is one of the groups (energizer) that we're following.

This is supposedly samples of their cash flow. I'd guestimate 2 million
is shown here.
--
Lance James <bugtraq (at) securescience (dot) net [email concealed]>
Secure Science Corporation

[ more ]  [ reply ]