EC-Council Summit Boston 2012, June 4 7
The all-new EC-Council Summit series is created to make advanced security training opportunities available for information security professionals across the globe. Attendees get to choose from a selection of highly technical and advanced training workshops offered by EC-Council Center of Advanced Security Training (CAST), covering current and important security topics such as penetration testing, cryptography, network defense, application security, mobile hacking and forensics, crimeware attribution, etc. The event concludes with a one-day security training seminar that specially designed to comprise a few mini-lectures, and allows for participants to actually learn, and not just listen or be rushed through a short presentation like how its like in some other events or conferences. For schedule of the EC-Council Summit, please visit: http://www.eccouncil.org/summit
TakeDownCon Dallas 2012, May 4 9
This highly technical IT security conference series was launched in 2011 in Dallas, Texas. TakeDownCon is a no-frills and topic focused conference series that is targeted towards the security engineers, researchers and analysts. The topical theme of this unique event series revolves around some of the most talked-about security issues such as Web Application Security, SCADA and Critical Infrastructures, Cloud Security, among others. Cities that are earmarked where TakeDownCon will be hosted in the near future are Las Vegas, Chicago, New York, Washington DC, Amsterdam, London, Johannesburg, Singapore, among others. For more information about TakeDownCon, please visit: http://www.takedowncon.com
EC-Council Summit Alexandria 2012, March 19 21
The EC-Council Summit (formerly known as CAST Summit) is designed with one purpose in mind, to enrich security professionals with the skills and knowledge surrounding the ever-evolving information security landscape. Attendees get to choose from a selection of highly technical and advanced training workshops led by subject matter experts and industry practitioners, covering essential security topics such as penetration testing, cryptography, network defense, application security, mobile hacking and forensics, crimeware attribution, etc. The Summit concludes with a one-day training seminar that is specially designed to comprise a few mini-lectures, and allows for participants to actually learn, and not just listen or be rushed through a short presentation.
http://www.eccouncil.org/training/advanced_security_training/cast_summit.aspx
The Open Organisation Of Lockpickers (TOOOL) Presentation at ShmooCon 2012
The mission of the Open Organisation Of Lockpickers is to advance the general public knowledge about locks and lockpicking. By examining locks, safes, and other such hardware and by publicly discussing our findings we hope to strip away the mystery with which so many of these products are imbued.
The more that people know about lock technology, the better they are capable of understanding how and where certain weaknesses are present. This makes them well-equipped to participate in sportpicking endeavors and also helps them simply be better consumers in the marketplace, making decisions based on sound fact and research.
Check them out at toool.us
Microsoft Outlook File Attachment Denial Of Service Vulnerability
Microsoft Outlook File Attachment Denial Of Service Vulnerability
Rating: High
Affected OS: Windows XP (Service Pack 3, [++])
Description: A denial of service vulnerability is present in some version of Microsoft Outlook.
Recommendation: Currently we are unaware of a vendor-supplied patch or update.
Observation: Microsoft Outlook is a personal information manager and a part of the Microsoft Office suite.
A denial of service vulnerability is present in some version of Microsoft Outlook.
The vulnerability is in the way that the affected software handles specially crafted email file with malicious attachment. If an attacker successfully exploited this vulnerability, it cause to a denial of service condition.
Common Vulnerabilities & Exposures (CVE): NA
IAVA Reference Number: NA
Microsoft Windows MP3 Audio Codec Divide-by-Zero Denial Of Service
Microsoft Windows MP3 Audio Codec Divide-by-Zero Denial Of Service
Rating: High
Affected OS: Windows XP (Service Pack 3, [++])
Description: A denial of service vulnerability is present in some versions of Microsoft Windows.
Recommendation: Currently we are unaware of a vendor-supplied patch or update.
Observation: A denial of service vulnerability is present in some versions of Microsoft Windows.
The flaw lies in a divide-by-zero error condition when processing specific MPEG Layer-3 data. Exploitation can be achieved via a specially crafted AVI file. Upon exploitation, and attacker may gain the ability to remotely affect the availability of the vulnerable host.
Common Vulnerabilities & Exposures (CVE): NA
IAVA Reference Number: NA
