underground.org.mx
0
  • Enero 18, 2020, 03:18:27 am
  • Bienvenido(a), Visitante
Por favor ingresa o regístrese.

Ingresar con nombre de usuario, contraseña y duración de la sesión
Búsqueda Avanzada  

Mostrar Mensajes

Esta sección te permite ver todos los mensajes hechos por este usuario, recuerda que solo puedes ver los mensajes en áreas en donde tu tienes acceso.

Mensajes - hkm

Páginas: [1] 2 3 4
1
Hola Kukulcan84. Bienvenido al foro. Gracias por compartir el video.

Les recuerdo que si quieren embedir videos de Youtube es solo cuestion que usen el BBCode [html]. Si quieren un video de como hacerlo se los dejo aquí. Esta un poco largo el video, en realidad solo es copiar el codigo de Youtube y pegarlo entre tags de [html] ... [/html]


2
General / Re:@RetOSINT - Participa en retos de OSINT vía Twitter
« on: Enero 15, 2020, 12:20:51 pm »
Bienvenido bl4sph3m!

Gracias por crear este tipo de iniciativas, es una forma divertida de aprender sobre herramientas y técnicas de OSINT y Cyber Threat Intelligence.

Saludos.

3
General / Lista de las mejores técnicas de hacking web del 2019
« on: Enero 14, 2020, 05:01:40 pm »
Lista de las mejores técnicas de hacking web del 2019

Exploiting SSRF in AWS Elastic Beanstalk
Get pwned by scanning QR Code
Exploiting Null Byte Buffer Overflow for a $40,000 bounty
Infiltrating Corporate Intranet Like NSA: Pre-Auth RCE On Leading SSL VPNs
Unveiling vulnerabilities in WebSocket APIs
Reverse proxies & Inconsistency
Abusing HTTP hop-by-hop request headers
DOMPurify 2.0.0 bypass using mutation XSS
PHP-FPM RCE(CVE-2019-11043)
Security analysis of portal element
Exploiting prototype pollution - RCE in Kibana
At Home Among Strangers
HostSplit: Exploitable
Finding and Exploiting .NET Remoting over HTTP using Deserialisation
Microsoft Edge (Chromium) - Elevation of Privilege to Potential RCE
Remote Code Execution via Insecure Deserialization in Telerik UI
Cross-Site Leaks por SirDarckCat
Exploiting Spring Boot Actuators
Owning The Clout Through Server Side Request Forgery
The world of Site Isolation and compromised renderer
XSS in GMail's AMP4Email via DOM Clobbering
Common Security Issues in Financially-Oriented Web Applications
A Tale of Exploitation in Spreadsheet File Conversions
Uploading web.config for Fun and Profit 2
Far Side of Java Remote Protocols
All is XSS that comes to the .NET
The Cookie Monster in Your Browsers
Hacking Jenkins Part 2 - Abusing Meta Programming for Unauthenticated RCE!
Exploring Continuous Integration Services as a Bug Bounty Hunter
Exploiting Deserialisation in ASP.NET via ViewState
Don't open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, ...
Bypassing SOP Using the Browser Cache
SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP
Exploiting JNDI Injections in Java
Reusing Cookies
Abusing autoresponders and email bounces
HTTP Desync Attacks: Request Smuggling Reborn
Let's Make Windows Defender Angry: Antivirus can be an oracle!
SSO Wars: The Token Menace
XSS-Auditor — the protector of unprotected and the deceiver of protected
DoS via Web Cache Poisoning
Facebook Messenger server random memory exposure through corrupted GIF
Exploiting padding oracles with fixed IVs
Getting Shell with XAMLX Files
Apache Solr Injection Research
ESI Injection Part 2: Abusing specific implementations
Backchannel Leaks on Strict Content-Security Policy
Google Search XSS
IIS Application vs. Folder Detection During Blackbox Testing

Fuente y votación por el Top 10: https://portswigger.net/polls/top-10-web-hacking-techniques-2019
*La votación termina el 27 de enero.

4
General / Getting Started With ATT&CK [Ebook]
« on: Enero 14, 2020, 08:05:49 am »
"Getting Started With ATT&CK" es un Ebook (PDF) que contiene un compilado de publicaciones de MITRE sobre como utilizar correctamente el framework.


...during summer 2019 we decided to write a series of blog posts around getting
started with ATT&CK. The posts, inspired by Katie Nickels’ Sp4rkcon talk “Putting MITRE
ATT&CK into Action with What You Have, Where You Are,” were written by members of
the ATT&CK team and focused on what we consider ATT&CK’s four primary use cases.
For each use case, the authors laid out advice on how an organization could get started
with ATT&CK based on available resources and overall maturity.
This publication pulls together their collective wisdom, originally posted on Medium, into
a single package. We hope you read it and get some new ideas on getting started with
ATT&CK. Let us know what you think—we’d love to hear your feedback.

Adam Pennington
Principal Cybersecurity Engineer
ATT&CK Blog Editor in Chief
MITRE


https://www.mitre.org/sites/default/files/publications/mitre-getting-started-with-attack-october-2019.pdf

5
Noticias y Eventos / DEF CON Las Vegas [Agosto 6 - 9]
« on: Enero 13, 2020, 09:23:09 pm »
DEF CON is what you make of it.

https://defcon.org/

6
Noticias y Eventos / Black Hat USA [Agosto 1 - 6]
« on: Enero 13, 2020, 09:11:45 pm »
https://www.blackhat.com/index.html

Black Hat is the most technical and relevant information security event series in the world. For more than 20 years, Black Hat Briefings have provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and Trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.

From its inception in 1997, Black Hat has grown from a single annual conference in Las Vegas to the most respected information security event series internationally. Today, Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, providing a premier venue for elite security researchers and trainers to find their audience.

WHAT WE DO
Briefings
Black Hat Briefings were created more than 20 years ago to provide security professionals a place to learn the very latest in information security risks, research and trends. Each year, internationally leading security researchers take the stage to share their latest work and exploits in a friendly, vendor-neutral environment. Vulnerabilities are often exposed that impact everything from popular consumer devices to critical international infrastructure and everything in between. Black Hat seeks groundbreaking research to fill both 25 and 50-minute speaking slots for each annual show.

Trainings
Black Hat Trainings offer attendees individual technical courses on topics ranging from the latest in penetration testing to exploiting web applications and even defending and building SCADA systems. Often designed exclusively for Black Hat, these hands-on attack and defense courses are taught by industry and subject matter experts from all over the world with the goal of defining and defending tomorrow's information security landscape.

Review Board + Content Selection
The Black Hat Review Board is comprised of over 24 of the industry's most credible and distinguished security professionals and thought leaders throughout various areas of the information security community. The Review Board advises Black Hat on its strategic direction, reviewing and programming conference content and providing unparalleled insight into the research community. You can find more information on the Review Board here: www.blackhat.com/review-board.html.

Black Hat strives to deliver one of the most empirical content selection processes in the industry. All submissions are vetted thoroughly by the Black Hat Review Board. Each submission is reviewed for uniqueness, overall content expertise and accuracy before any selections are made. Through the course of this dynamic review process, the Black Hat Review Board members will frequently ask researchers for clarity on any areas of question in their submissions – whether it be about the uniqueness or audacity of claims made. The best submissions come with academic-grade papers, proof-of-concept code and/or video demonstrations of the work done. Of note, Black Hat does not support pay-for-play Briefings. The Black Hat Briefings are and always have been independently selected based on quality of content and area of expertise rather than sponsorship.

Attracting Top Talent and Research
Black Hat is proud of the level of research and vulnerability disclosures that happen onsite each year. We also strongly support and encourage responsible disclosure. To this end, Black Hat has a strong partnership with the Electronic Frontier Foundation (EFF) to provide pro-bono legal consultations to security researchers on the legality of any research or data they plan to present at the annual shows. Black Hat and EFF are dedicated to defending free speech and privacy rights to facilitate the boundary–pushing research and vulnerability disclosure that attendees have come to know and love at each annual show.

WHO SHOULD ATTEND
Security Practitioners
(IT Specialists, Security Analysts, Risk Managers, Security Architects/Engineers, Penetration Testers, Security Software Developers, Cryptographers, Programmers, Government Employees and many more)
Hone your skills with the latest tools and techniques being used in the industry through Black Hat's intensely technical and relevant Briefings and Trainings. Explore challenges and successes others in the field are experiencing, while collaborating on uses for emerging platforms, development models and best practices.

Security Executives, Business Developers and Venture Capitalists
(CISOs, CEOs, Presidents, Directors, VPs, Consultants)
Take advantage of a multi-billion-dollar industry by networking with other top information security executives, practitioners and potential investors. Gain knowledge of opportunities in the constantly growing information security industry while engaging with the community that is molding the future of the field and trailblazing new ventures. The Black Hat CISO Summit, an exclusive gathering of 200 top industry executives and security industry leaders, ignites open conversations and "think tank" style breakout sessions. This full day of discussions is unique to Black Hat and provides unmatched opportunities for networking and learning.

Vendor Companies and Sponsors
(Hardware, Software, Middleware, Services, More)
Black Hat attracts more than 17,000 of the world's most renowned security experts, executives and attendees, creating the industry's most dynamic and concentrated information security community. Engage this audience over the course of two days by showcasing your latest and greatest innovations, expertise, services and products.

The Business Hall is the epicenter of where business happens at Black Hat, featuring more than 150 of the industry's top solution providers and start-ups showcasing the latest tools, technologies and services supporting the security community.

Career Seekers and Recruiters
(Seasoned Veterans, Students, Schools, Expanding Companies)
Black Hat provides an opportunity for you to get your name out to the best new and seasoned talent in the industry. Meet face-to-face with the top international talent committed to defining and defending the future of security. Job seekers, meet with the most influential companies and recruiters who are hiring now. Bring your resumes and business cards and make game-changing connections.

Academia
(Professors, Students Aged 18+)
Black Hat provides students with the opportunity to interact with and learn from top industry professionals through conference sessions, networking activities, Business Hall Sessions, and more. There is an academic rate for students and full-time university professors interested in attending.

https://www.blackhat.com/index.html

7
Noticias y Eventos / REcon Montreal [Junio 28 - Julio 4]
« on: Enero 13, 2020, 09:05:52 pm »
https://recon.cx/

WHAT
REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. It offers a single track of presentations over the span of three days with a focus on reverse engineering and advanced exploitation techniques.

For more information, including pricing and hotel reservation details, head over to the conference page.

WHEN
Conference: June 28 - 30, 2019

Training: June 24 - 27, 2019

Training: July 1 - 4, 2019

WHERE
REcon will be held in downtown Montreal, Canada at the Hilton Double Tree.

Some training will be held at Monville a block away from Hilton Double Tree. Training location will be annouced when registration open

Important Note: As of last year many foreign travelers to Canada will require an Electronic Travel Authorization (eTA) prior to entering the country. Please check the following website to find out if this applies to you: http://www.cic.gc.ca/english/visit/visas.asp

The second round of talks have been accepted
We’d like to congratulate the submitters who have been selected for the second phase of the CFP!

Attacking Hexagon: Security Analysis of Qualcomm's ADSP by Dimitrios Tatsis
Automating the exploit primitive discovery process in embedded devices by Christopher Roberts
Automation Techniques in C++ Reverse Engineering by Rolf Rolles
Burned in Ashes: Baseband Fairy Tale Stories by Guy
Defeating APT10 Compiler-level Obfuscations by Takahiro Haruyama
MINimum Failure - Stealing Bitcoins with Electromagnetic Fault Injection by Colin O'Flynn
Mining Disputed Territories: Studying Attacker Signatures for Improved Situational Awareness by Juan Andres Guerrero-Saade
Open-Source Ghidra: The First Few Months by emteere and ghidracadabra
Reversing and Exploiting Broadcom Bluetooth by Dennis Mantz and jiska
Seeing Inside the Encrypted Envelope by Natalie Silvanovich
Snow Crashing Virtual Reality, 2019 Edition by Alex Radocea
The (Long) Journey To A Multi-Architecture Disassembler by Joan Calvet
The Backdoor Foundry: A Toolchain for Building Application Specific Implants by Evan Jensen
The Last Generic Win32k KASLR Defeat in Windows 10 by Alex Ionescu
The Path to the Payload: Android Edition by Maddie Stone
The ROM matrix revolutions: Unscrambling bits by Chris Gerlinsky
The road to Qualcomm TrustZone apps fuzzing by Slava Makkaveev
Unveiling the underground world of Anti-Cheats by Joel Noguera
Using WPP and TraceLogging Tracing to Facilitate Dynamic and Static Windows RE by Matt Graeber
Vectorized Emulation: Putting it all together by Brandon Falk
April 23, 2019
The first round of talks have been accepted
We’d like to congratulate the submitters who have been selected for the first phase of the CFP!

Burned in Ashes: Baseband Fairy Tale Stories by Guy (@shiftreduce)
The ROM matrix revolutions: Unscrambling bits by Chris Gerlinsky
Unveiling the underground world of Anti-Cheats by Joel Noguera
The Backdoor Foundry: A Toolchain for Building Application Specific Implants by Evan Jensen
The Path to the Payload: Android Edition by Maddie Stone
MINimum Failure - Stealing Bitcoins with Electromagnetic Fault Injection by Colin O'Flynn
Seeing Inside the Encrypted Envelope by Natalie Silvanovich
Open-Source Ghidra: The First Few Months by emteere and ghidracadabra
Attacking Hexagon: Security Analysis of Qualcomm's ADSP by Dimitrios Tatsis

https://recon.cx/

8
Noticias y Eventos / IEEE SP 2020 San Francisco [Mayo 18 - 20]
« on: Enero 13, 2020, 06:43:27 pm »
https://www.ieee-security.org/TC/SP2020/index.html

MAY 18-20, 2020 AT THE HYATT REGENCY, SAN FRANCISCO, CA

41st IEEE Symposium on
Security and Privacy

Sponsored by the IEEE Computer Society Technical Committee on Security and Privacy in cooperation with the International Association for Cryptologic Research

Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. The 2020 Symposium will mark the 41st annual meeting of this flagship conference.

The Symposium will be held on May 18-20, 2020, and the Security and Privacy Workshops will be held on May 21, 2020. Both events will be in San Francisco, CA at the Hyatt Regency.

https://www.ieee-security.org/TC/SP2020/index.html

9
Noticias y Eventos / NorthSec Montreal [Mayo 10 - 17]
« on: Enero 13, 2020, 06:39:54 pm »
https://www.nsec.io/

Training
May 10-11-12-13, 2020
Training
High-quality training sessions, given by the absolute best experts in their field. We strive to provide the highest level of exclusive content, giving you a unique opportunity to improve your applied security knowledge.

Conference
May 14-15, 2020
Conference
Subjects covered will be as diverse as pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware and cryptography.

Competition (CTF)
May 15-17, 2020
Competition (CTF)
Our applied security contest (also called "Capture The Flag") opposes 75 teams of 8 people trying to obtain the most points by capturing flags.


NorthSec is pleased to announce its high-quality training sessions, given by the absolute best experts in their field. We strive to provide you with the highest level of exclusive content, giving you a unique opportunity to improve your applied security knowledge during NorthSec.

Training Sessions include
Full ticket to the NorthSec Conference
Full ticket to the NorthSec Conference
Coffee, refreshments, snacks and lunch
Coffee, refreshments, snacks and lunch
Special Networking Event
Special Networking Event
2020 Sessions
   
Crypto Attacks and Defenses
JP Aumasson
Teserakt
Philipp Jovanovic
EPFL DEDIS Lab
May 12, 13th
This training familiarizes developers and security professionals of any level with modern cryptography concepts and best practices. It covers basic notions, including randomness generation, authenticated encryption, and elliptic curves, as well as applications like TLS 1.3, password security protocols, libraries and APIs, and software side-channel attacks. Finally, our training offers an overview of advanced topics including post-quantum cryptography. More information

Mastering Burp Suite Pro 100% Hands-On
Nicolas Gregoire
Agarri
May 11, 12 and 13th
Burp Suite Pro is the leading tool for auditing Web applications at large. Mastering it allows users to get the most out of the tool, optimizing time spent. Work will be faster, more effective and more efficient. What’s more, advanced automation techniques allow detection of additional vulnerabilities whether complex or subtle. Attendees will also learn to measure the quality of their attacks, a crucial skill in real-life engagements. More information

Advanced Web Hacking
Dhruv Shah
NotSoSecure
May 11, 12 and 13th
Advanced Web Hacking class talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points. This class focuses on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques (especially server side flaws). This hands-on class covers neat, new and ridiculous hacks which affected real life products and have found a mention in real bug-bounty programs. In this class vulnerabilities selected are ones that typically go undetected by modern scanners or the exploitation techniques are not so well known. More information

Mastering Container Security
Rory McCune
NCC Group
May 12, 13th
Containers and container orchestration platforms such as Kubernetes are on the rise throughout the IT world, but how do they really work and how can you attack or secure them? This course takes a deep dive into the world of Linux containers, covering fundamental technologies and practical approaches to attacking and defending container-based systems such as Docker and Kubernetes. In the 2020 version of the course we'll be focusing more on Kubernetes as it emerges as the dominant core of cloud native systems and looking at the wider ecosystem of products which are used in conjunction with Kubernetes. More information

Dark Side Ops: Malware Dev
SilentBreak Security
May 10, 11th
Dark Side Ops: Malware Dev focuses on the goals, challenges, architecture, and operations of advanced persistent threat (APT) tooling. Participants will dive deep into source code to gain a strong understanding of execution vectors, payload generation, automation, staging, command and control, and exfiltration. More information

Adversary Tactics: Detection
SpecterOps
May 10, 11, 12 and 13th
Enterprise networks are under constant attack from adversaries of all skill levels. Blue teamers are facing a losing battle; as the attacker only needs to be successful once to gain access. This course builds on standard network defense and incident response (which target flagging known malware) by focusing on abnormal behaviors and the use of attacker Tactics, Techniques, and Procedures (TTPs). We will teach you how to create threat hunting hypotheses based on attacker TTPs to perform threat hunting operations and detect attacker activity. In addition, you will use free and open source data collection and analysis tools (Sysmon, ELK and Automated Collection and Enrichment Platform) to gather and analyze large amounts of host information to detect malicious activity. You will use these techniques and toolsets to create threat hunting hypotheses and perform threat hunting in a simulated enterprise network undergoing active compromise from various types of threat actors. More information

Adversary Tactics: Red Team Ops
SpecterOps
May 10, 11, 12 and 13th
Upgrade your Red Team engagements with bleeding-edge Tactics, Techniques, and Procedures (TTPs) used by attackers in real-world breaches. This course will teach students how to infiltrate networks, gather intelligence, and covertly persist in a network like an advanced adversary. Students will use the skillsets taught in Adversary Tactics: Red Team Ops to go up against live incident responders in an enterprise lab environment designed to mimic a mature real-world network. Students will learn to adapt and overcome Blue Team response through collaborative feedback as the course progresses. More information

Fine print
Dates
Training sessions take place right before the conference from Sunday til Wednesday. Dates vary by individual training, make sure to check. Training sessions start at 9am and finish at 5pm. Trainers can lengthen the schedule if they want to.

Included
Full ticket to the NorthSec Conference (Thursday and Friday)
Coffee, refreshments, snacks and lunch
Access to a special networking event with drinks on May 12th
If you already purchased your conference ticket, write us un email at registration@nsec.io to get a refund. Note that we reserve the right to cancel a training if a minimum number of participants isn’t met.

Pricing
See individual training pages for pricing.

Early bird until December 31st: 20% off*
Not-so Early bird until February 29th: 10% off*
Student pricing (50% off) is available upon request and on selected training. Contact us for details.
Prices are in $CAD before taxes and eventbrite fees
* NEW: There is a 5 ticket per training limit on the number of early bird and not-so early bird tickets. The next early bird pricing will be automatically available when the previous one is sold out.

Venue
The training sessions will be hosted at the Downtown Holiday Inn Hotel this year. See our Venue page for details.

Continuing Professional Education (CPE) Credits
We can emit proof of CPE credits for those who are certified through (ISC)2 upon request.

16 CPE credits for a two-day training session
24 CPE credits for a three-day training session
32 CPE credits for a four-day training session


https://www.nsec.io/

10
Noticias y Eventos / THOTCON Chicago [Mayo 8 - 9]
« on: Enero 13, 2020, 06:36:46 pm »

***************************************************************************
***BEGIN THOTCON TRANSMISSION**********************************************
  _____     _   _      U  ___ u   _____      ____     U  ___ u   _   _     
 |_ " _|   |'| |'|      \/"_ \/  |_ " _|  U /"___|     \/"_ \/  | \ |"|   
   | |    /| |_| |\     | | | |    | |    \| | u       | | | | <|  \| |>   
  /| |\   U|  _  |u .-,_| |_| |   /| |\    | |/__  .-,_| |_| | U| |\  |u   
 u |_|U    |_| |_|   \_)-\___/   u |_|U     \____|  \_)-\___/   |_| \_|   
 _// \\_   //   \\        \\     _// \\_   _// \\        \\     ||   \\,-.
(__) (__) (_") ("_)      (__)   (__) (__) (__)(__)      (__)    (_")  (_/ 

What: THOTCON 0xB - Chicago's Hacking Conference

When: May 8th & 9th, 2020

Where: TOP_SECRET (no joke!) / совершенно секретно / 絕密

Tickets: SOLD OUT!

Call For Papers/Villages: CLOSED!
Subscribe to our mailing list:

Email Address
 


B3 S0c14l: Twitter * IRC/freenode/#THOTCON
THOTCON is a hacking conference based in Chicago IL, USA. This is a non-pro
fit, non-commercial event looking to provide the best conference possible o
n a limited budget.

Once you attend a THOTCON event, you will have experienced one of the best
information security conferences in the world combined with a uniquely casu
al and social experience.

THOTCON 0xB is the eleventh incarnation of this event and will be held on a
 Friday and Saturday, May 8th and 9th, 2020.

The conference will be held at a location only to be disclosed to attendees
and speakers during the week before the event. For more information, explor
e this site or contact us at info@thotcon.org.

Выпить все бухло, взломать все вещи!

THOTCON is produced by THOTCON Infinity NFP, a tax-exempt 501(c)(3) nonprof
it organization.
Make a tax deductible donation to help create a sustainable THOTCON!

We value inclusion and diversity at our events and strictly enforce
our Code of Conduct.

*** THOTCON Future Hacker Scholarship ***

This is a unique, one-time $5,000.00 USD award designed to help a future ha
cker with their higher education ambitions.

For more information please visit our Scholarship page.
***END THOTCON TRANSMISSION************************************************
***************************************************************************

THOTCON INFOBLOX v.B BUB-RC75
312K RAM FREE

Ready.

11
Noticias y Eventos / SANS 2020 Orlando [Abril 3 - 10]
« on: Enero 13, 2020, 06:34:43 pm »
https://www.sans.org/event/sans-2020

Learn how to prevent, detect and respond to today’s cyber threats with cyber security training in Orlando
SANS provides practical training that addresses the challenges you face daily as a cyber security professional. Join us in Orlando at SANS 2020 (April 3-10), and experience relevant training that will help you sharpen your skills and become more effective at your job. Choose from more than 50 courses!

Please check the schedule for course dates. Courses may begin and end on different days during the week of training.

Two-Day Courses Begin: Friday, April 3
Welcome Reception & Early Check-In: Saturday, April 4
Four-, Five- and Six-Day Courses Begin: Sunday, April 5
NetWars: Wednesday, April 8 and Thursday, April 9
Don't miss this opportunity to strengthen your information security skillset with cutting-edge training from SANS in Orlando! Choose your course and register now.

What attendees say about their SANS training experience:
“Top-notch, up-to-date security training taught by industry leaders.” - Randy Jackson, Amazon

“I left SANS with a deeper understanding of each topic we covered, and new long-term career goals. I've attended a 5-day training course with a different organization in the past, and the quality of teaching and content doesn't begin to compare to SANS.” - Nicholas Marquez CenterState Bank

Nothing beats the SANS live training experience but if you are unable to attend learn how you can attend remotely.

https://www.sans.org/event/sans-2020

12
Noticias y Eventos / CanSecWest Vancouver [Marzo 18 - 20]
« on: Enero 13, 2020, 06:33:08 pm »
https://cansecwest.com/

CanSecWest, the world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking. The conference lasts for three days and features a single track of thought provoking presentations, each prepared by an experienced professional and talented educator who is at the cutting edge of his or her field. We give preference to new and innovative material, highlighting important, emergent technologies, techniques, or best industry practices.

The conference is single track, with one hour presentations over the duration beginning at 9:00 a.m. The registration fee includes the catered meals, and there will be a vendor display and lounge/eating area, where wireless internet access will be available (as well as in the speaking theater).

https://cansecwest.com/

13
Noticias y Eventos / Wild West Hackin' Fest San Diego [Marzo 10 - 13]
« on: Enero 13, 2020, 06:31:20 pm »
Wild West Hackin' Fest
https://www.wildwesthackinfest.com/


Thursday, March 12
 
8:30am
Welcome to WWHF
9:00am
URL HackingKeynote - Time Travel and GPS F*ckery
10:00am
Airplane Mode: Cybersecurity @ 30,000+ FeetHow to Build a High-Performing Red Team
11:00am
S1/E3.1
1:00pm
Casting with the Pros: Tips and Tricks for Effective PhishingTBD
2:00pm
Adversarial Emulation with The C2 MatrixTBD
3:00pm
Labours of Hercules: Be Like PhilWhoops. I accidentally helped start the offensive intel branch of a foreign intel service
4:00pm
: Breaking Through the Boundaries of Cyber Security Job Search ChallengesHacking Humans: Using OSINT to put together Social Engineering Scenarios that Actually Work
5:00pm
Not Just Evil: Hacking Mainframes with Network Job Entry
 
Friday, March 13
 
9:00am
Credential Stuffing: Identifying and fixing your exposure
10:00am
Inherit Cellular Insecurities in our Critical Infrastructure
11:00am
Breaking into Banks Like a BossURL Hacking
1:00pm
Avionics Primer for HackersHunting Software Vulnerabilities without Reversing
2:00pm
: I really wanna hear you say… ‘I threat hunt thaaat way.’”CitiZen Cyber SkillZ for Public Service. And Great Justice…
3:00pm
Security is Not a Game, the Game


https://www.wildwesthackinfest.com/

14
Noticias y Eventos / TROOPERS20 Heidelberg [Marzo 16 - 20]
« on: Enero 13, 2020, 06:26:58 pm »
https://www.troopers.de/


TROOPERS20 Facts
Two days of high end trainings and hands on experience on Monday and Tuesday.
Two-day three-track conference on Wednesday and Thursday.
Our famous TROOPERS Roundtables on Friday.
A lot of fun!

TROOPERS Trainings
On Monday and Tuesday during the TROOPERS Week we host our premium selection of the TROOPERS Trainings. There are only two-day trainings. Trainings will be instructed by leading experts in their topics and you will mostly only find these trainings during TROOPERS!

TROOPERS20 Student Motivational Letters and Technical Challenge
This year we will continue with our tradition for current Highschool, Bachelor and Master degree students, where you have to submit a Motivational Letter and (try to) solve a technical challenge.

What needs to be included in your motivational letter

Tell us about yourself!
Why are you interested in IT-Security?
Why do you want to come to TROOPERS?
What will you contribute to TROOPERS as an attendee?
A little of feedback on the letters from the previous years. The people who received tickets clearly spent much time thinking about their answers to our questions. They did not give generic answers such as "IT is cool yo", but really gave us insight into themselves and their vision for their future within the IT Security community.

Give the technical challenge your best try. No one's submission will be disqualified from consideration if they cannot complete the challenge as long as the Motivational Letter and the proof of student status have also been submitted.

TROOPERS20 Student tickets include free entry to our Main TROOPERS conference on Wednesday and Thursday, and our Roundtable discussions on Friday. While we do not provide travel assistance, please refer to our travel page for information regarding where to stay and how to get here. If you have questions or need assistance you can always write us at info@troopers.de

15
Noticias y Eventos / SecureWorld Houston [Abril 15]
« on: Enero 13, 2020, 06:20:35 pm »
https://events.secureworldexpo.com/agenda/houston-tx-2020/

SecureWorld conferences provide more content and facilitate more professional connections than any other event in the cybersecurity industry.
Join your fellow security professionals for affordable, high-quality training and education. Attend featured keynotes, panel discussions, and breakout sessions—all while networking with local peers. Earn 12-16 CPE credits through 60+ educational elements, learning from nationally recognized industry leaders.

For over 18 years, we’ve stayed on top of global IT security issues and shared the critical knowledge and tools needed to protect against ever-evolving threats. Through our network of industry experts, thought leaders, practitioners, and solution providers, we collaborate to produce leading-edge, relevant content and educational opportunities.

We host 17 annual conferences across North America, web conferences every three weeks, a weekly podcast, and online training courses, and serve as a hub for cybersecurity news and resources. We hope you'll consider becoming part of our security community!

https://events.secureworldexpo.com/agenda/houston-tx-2020/

Páginas: [1] 2 3 4