CanSecWest 2008 Mar 26-28
CanSecWest 2008 Presentations
Snort 3.0 - Marty Roesch, Sourcefire
Cross-Site Scripting Vulnerabilities in Flash Authoring Tools - Rich
Cannings, Google
Proprietary RFID Systems - Jan "starbug" Krissler and Karsten Nohl, CCC
Media Frenzy: Finding Bugs in Windows Media Software - Mark Dowd and
John McDonald, IBM ISS
Targeted Attacks and Microsoft Office Malware - Rob Hensing, Microsoft
Virtually Secure - Oded Horovitz, VMWare
Malicious Cryptography - Frédéric Raynal and Eric Filiol, Sogeti/Cap-Gemini
and ESAT
The Death of AV Defense in Depth: Revisiting Anti-Virus Software -
Thierry Zoller and Sergio Alvarez, nRuns
VMWare Issues - Sun Bing, McAfee
Intrusion Detection Systems Correlation: a Weapon of Mass
Investigation - Sebastien Tricaud and Pierre Chifflier, INL
Web Wreck-utation - Dan Hubbard and Stephan Chenette, WebSense
Secure programming with gcc and glibc - Marcel Holtmann, Intel
Mobitex network security - olleB, toolcrypt.org
Peach Fuzzing - Michael Eddington, Leviathan
Fuzz by Number - Charlie Miller, Independent Security Evaluators
Fuzzing WTF? What Fuzzing Was, Is And Never Will Be. - Frank Marcus
and Mikko Varpiola,Wurldtech / Condenomicon
Vulnerabilities Die Hard - Kowsik Guruswamy, Mu
Hacking Windows Vista - Dan Grifin, JW Secure
ExeFilter: a new open-source framework for active content filtering -
Philippe Lagadec,NATO/NC3A
VetNetSec: Security testing for Extremists - Eric Hacker, BT INS
w3af: A framework to own the web - Andres Riancho, Cybsec
A Unique Behavioral Science Approach to Threats, Extortion and
Internal Computer Investigations - Scott K. Larson, Stroz Friedberg
--
2008 Dojos
Vulnerability Discovery Demystified Mark Dowd and Justin Schuh
The Exploit Laboratory - Advanced Edition Saumil Shah
Advanced Honeypot Tactics Thorsten Holz
Mastering the network with Scapy Philippe Biondi
Voice over IP (VoIP) Security Nico Fischbach
Practical 802.11 WiFi (In)Security Cédric Blancher
Advanced Linux Hardening Andrea Barisani
Defend The Flag Microsoft
--
2008 PWN 2 OWN
There will three targets:
A MacBook Air, running the latest OSX, patched, typical configuration.
A Sony VAIO VGN-TZ37CNB, running Ubuntu, latest release.
A Fujitsu U810, Running Vista, latest update.
The contest will be adjudicated by our impartial celebrity judge:
Ronald C. Dodge JR., Ph.D.
Lieutenant Colonel, Academy Professor
Associate Dean, Information and Education Technology,
United States Military Academy
The victory conditions will be the contents of specific
specially planted files on each system, to be extracted
by winners. Hack them and you get to keep them, and
any associated prizes for the exploits used, oh and the
fame and glory. :-)
Browsers (I.E., Mozilla, Safari), Mail Clients (Outlook,
Mail.app, Thunderbird), and IM clients (MSN, Adium,
Pigdin, Skype all platforms) are all in scope.
More details and official rules soon.
cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada March 25-28 - 2008 http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp