Monday, 2 November 2009
DeepSec 2009
Forwarded from: DeepSec Conference - Announcement
== DeepSec In-Depth Security Conference 2009 "TripleSec" ==
This is a reminder for the third DeepSec conference, taking place between 17th and 20th November at the Imperial Riding School Renaissance Hotel.
== Schedule ==
The schedule of all presentations can be found on our web site:
Random speaker and content from the schedule:
Karsten Nohl from H4RDW4RE will present the latest development on his project to break A5/1 with the help of pre-computed tables as announced at HAR 2009. Karsten Nohl says, that a public PoC on cracking GSM"s encryption is necessary to raise awareness about the risks of sending sensitive information over GSM networks. In March 2008 the finalisation of A5/1 rainbow tables was announced but never released in public, the first academic attacks date even back to 1997. Today it is believed that agencies and well-funded organizations have access to efficient A5/1 crackers. Publishing a practical attack in public will give a better awareness about the situation of an encryption scheme that was designed and developed in the 1980ies and still used today.
More talks at the conference! - https://deepsec.net/register/
== Sponsors ==
We would like to thank our sponsors that have supported the conference:
Microsoft, Sourcefire, Global Knowledge, The British Bookshop, Viennese Chamber of Commerce and CERT.at.
== About DeepSec ==
DeepSec IDSC is an annual European two-day in-depth conference on computer, network, and application security. The DeepSec Conference will be held from November 17th to 20th 2009 in Vienna, and aims to bring together the world's leading security professionals from academics, government, industry, and the underground hacking community.
In addition to the conference with presentations we will offer a selection of two-day intense security training courses before the main conference.
DeepSec is a non-product, non-vendor-biased conference. Our aim is to present the best research and experience from the fields' leading experts.
Best regards,
DeepSec In-Depth Security Conference organisation team:
Michael Kafka, DeepSec GmbH
René Pfeiffer, DeepSec GmbH
Initiated by Paul Böhm, DeepSec GmbH
Contact: https://deepsec.net/contact/
Swedish Police DDOSED
By Shaun Nichols in San Francisco
V3.co.uk
31 Oct 2009
A denial of service attack crippled the web site for Sweden's police administration earlier this week.
The attacks flooded the site with information requests, causing the servers to crash and take the site offline. According to Swedish news site The Local, at its peak the attack caused traffic to spike from 800 requests per second to more than 400,000 requests per second.
In addition to crippling the police site, the attack also took down as many as 40 media sites also being hosted by service provider Basefarm.
The Local reported that as of Friday evening Swedish time, neither the hosting firm nor police investigators knew who was behind the attacks or their motive for taking the sites down.
In recent years, distributed denial of service attacks have grown increasingly popular as a form of both protest and cyber warfare.
Multiple computers and botnets are used to flood sites with traffic, causing servers to down and taking sites offline for extended periods of time.
site founder DDOSING?
By Dan Goodin in San Francisco
The Register
30th October 2009
Federal prosecutors have accused a co-founder of YouSendIt.com of repeatedly launching web attacks against the popular upload site.
Khalid Shaikh, who was CEO and CTO of the California-based company until he left in 2006, used an Apache benchmarking program to flood YouSendIt servers with more traffic than they could handle, according to documents filed in US District Court in Northern California. Prosecutors allege Shaikh launched the denial of service attacks on four occasions, starting in December 2008 and ending the following June.
"By transmitting the ApacheBench program to YouSendIt's servers, Shaikh was able to overwhelm the server's capabilities and render it unable to handle legitimate network traffic," an indictment filed Wednesday stated.
Shaikh told The Register the allegations are untrue.
"I'm very excited about being able to talk to a judge," said Shaikh, who said he's 32 years old. "They spin a very good story."
Shaikh said he and a brother co-founded YouSendIt in 2004 and ended up leaving the company following differences with the company's investors and remaining executives.
The Register
30th October 2009
Federal prosecutors have accused a co-founder of YouSendIt.com of repeatedly launching web attacks against the popular upload site.
Khalid Shaikh, who was CEO and CTO of the California-based company until he left in 2006, used an Apache benchmarking program to flood YouSendIt servers with more traffic than they could handle, according to documents filed in US District Court in Northern California. Prosecutors allege Shaikh launched the denial of service attacks on four occasions, starting in December 2008 and ending the following June.
"By transmitting the ApacheBench program to YouSendIt's servers, Shaikh was able to overwhelm the server's capabilities and render it unable to handle legitimate network traffic," an indictment filed Wednesday stated.
Shaikh told The Register the allegations are untrue.
"I'm very excited about being able to talk to a judge," said Shaikh, who said he's 32 years old. "They spin a very good story."
Shaikh said he and a brother co-founded YouSendIt in 2004 and ended up leaving the company following differences with the company's investors and remaining executives.
money mules warning
By Kevin Poulsen
Threat Level
Wired.com
October 29, 2009
Bank customers are increasingly being duped into acting as 'money mules'
for hackers, unwittingly laundering cash stolen from business bank accounts, the Federal Deposit Insurance Corporation warned the nation's financial institutions on Thursday.
Using specialized Trojan horse malware, cybercrooks have been intercepting web-banking credentials from the computers of small and midsize businesses, and then initiating wire transfers to mules around the country. The mules are consumers who've been lured into fake work-at-home scams, in which their employment involves receiving money transfers and then forwarding the funds to Eastern Europe, either directly or through other mules.
The scheme has exploded in the last year, with the FBI estimating losses at $40 million so far, according to a recent story from WashingtonPost.com reporter Brian Krebs, who's been closely following the attacks.
Subscribe to:
Posts (Atom)