• Slideshow: Fashion Statements from DEFCON 2010 – darkreading.com
  Hackers express themselves in more ways than just code.
• Security is a major theme at VMworld 2010. – vmware.com
  VMware launched 3 products under the vShield umbrella, to secure virtualized environments all the way from the edge to the endpoint.

Resources:

• IT Security Database – itsecdb.com
  This site collects OVAL(Open Vulnerability and Assessment Language) definitions from several sources like Mitre, Red Hat, Suse, NVD, Apache, etc.
• OWASP Secure Coding Practices – Quick Reference Guide – owasp.blogspot.com
  In addition, this project already has a very mature release, OWASP Secure Coding Practices – Quick Reference Guide/Version 1.0, which is under formal assessment and seeking Stable Release status.
• The Malware Analyst’s Cookbook, Fuzzy Hashing, and Detecting Self Modifying Code – jessekornblum.livejournal.com
  Michael Ligh’s upcoming book, Malware Analyst’s Cookbook and DVD, presents a novel way to detect self-modifying code using fuzzy hashing and memory forensics.
• (IN)Secure Magazine Issue 17 released – spookerlabs.blogspot.com
  New release of this awesome digital and free magazine
• Metasploit Megaprimer Videos – Over 2 hrs of video available till now! More being added daily – reddit.com
  One of the core issues with Metasploit seems to be the lack of documentation and some dude decided to create a video series.Looks like he is posting a new one daily and is gonna post around 20 of them of around 25 mins each.
• Windows Operating System Security Guides – disa.mil
  Some version of the STIGS excludes IAVM information. IAVM information is in the FOUO version available in the PKI-enabled area of IASE.

Tools:

• skipfish 1.64b – code.google.com/p/skipfish/
  A fully automated, active web application security reconnaissance tool.
• Wireshark 1.4.0, 1.2.11, and 1.0.16 Released – wireshark.org
  You can add a protocol field as a column by right-clicking on its packet detail item, and you can adjust some column preferences by right-clicking the column header.
• SSLMap: 0.2.0 Release – westcoasthackers.net
  Today we are releasing one of our private tools – SSLMap 0.2.0. SSLMap is a lightweight TLS/SSL cipher suite enumeration tool.
• Laudanum – sourceforge.net/projects/laudanum/
  Laudanum is a collection of injectable files, designed to be used in a pentest when SQL injection flaws are found and are in multiple languages for different environments.

• Use EMET to manage risk on your PC
  The previous version of EMET was strictly a command-line utility that enabled administrators to opt-in certain applications to specific exploit mitigations.
  • Microsoft Releases New Version of EMET Exploit Mitigation Toolkit – threatpost.com
  • The Enhanced Mitigation Experience Toolkit 2.0 is Now Available – technet.com
• cvechecker – cvechecker.sourceforge.net
  The latest development release is 0.5, released on 2010/09/02.
• PDFTemplate – didierstevens.com
  It’s particularly useful for malformed PDF files, like this example with PDFUnknown structures.
• Blind SQL Injection Exploitation with “Blind Cat” tool – itsecuritylab.eu
  Important: Blind Cat is not fully automated tool (not a kind of “one-click-ownage”), but if you will catch the idea of it – in return you would get a huge flexibility to exploit even most difficult blind SQL injections.

Techniques:

• Social-Engineer Toolkit v0.6.1 Tutorial – secmaniac.com
  Included in this tutorial is the Teensy USB/HID Attack Vector, the Man Left in the Middle Attack Vector, and the TabNabbing attack vector.
• X-Frame-Options Support in Firefox – michael-coates.blogspot.com
  X-frame-options is a header value that is set by the webserver which instructs supported browsers on whether to allow a particular page to be framed by other pages.
• Finding Mapped Drives with Meterpreter – skullsecurity.org
  The problem generally is that Novell handles things extremely differently then AD, that I assumed that things would be different.
• MITM, SSL and Session Fixation – ha.ckers.org
  It’s been known for a long time that HTTP can set cookies that can be read in HTTPS space because cookies don’t follow the same origin policy in the way that JavaScript does.
• Backdoor Password in Accton Based Switches – attackvector.org
  On the 15th of august 2009, at the HAR2009 conference, the existence of a backdoor password in Accton-based switches was revealed by Edwin Eefting, Erik Smit and Erwin Drent.
• Compromising Hosts With SNMP – attackvector.org
  A community string is, basically, the only authentication you need in order to gain access through SNMP.
• Cross Site Request Forgery (CSRF) PoC Template (by Javascript) – soroush.secproject.com
  CSRF PoC template is a JavaScript code which is very useful for security researchers and simplifies the art of creating CSRF Proof of Concepts.
• Cross-subdomain Session Fixation – skeptikal.org
  Today, I came across a variant which I’d theorized about in the past, but never bothered to find in the wild, and I think it merits some attention.
• To security people: I found this in google: http://bit.ly/bOr4wH If your email is not there, your website is! What’s this!? let me know @irsdl – twitter.com

Vulnerabilities:

• More DLL hijack news
  And the saga continues, the battle between Microsoft and its DLL security hole
  • An update on the DLL-preloading remote attack vector – technet.com
  • Microsoft tool for DLL vulnerability interferes with some applications – h-online.com
  • DLL hijacking – what are you doing? – sans.edu
  • Presenting DllHijackAuditor – Smart Tool to Audit Dll Hijack Vulnerability – securityxploded.com
  • Protecting Against Remote DLL Preloading Vulnerabilities – iss.net
  • KeePass version 2.12 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll) – seclists.org
  • DLL Search Order Hijacking Revisited – mandiant.com
• New Remote Flaw in Apple QuickTime Bypasses ASLR and DEP – threatpost.com
  A Spanish security researcher has discovered a new vulnerability in Apple’s QuickTime software that can be used to bypass both ASLR and DEP on current versions of Windows and give an attacker control of a remote PC.
• Zscaler researcher finds scanning flaw in HP all-in-one printers – lastwatchdog.com
  Using the WebScan functionality, he could write a script to regularly run the scanner remotely, retrieving an image of anything that has been left on the scanner.
• TANDBERG Video Communication Server Arbitrary File Retrieval Vulnerability – securiteam.com
  This issue would allow an authenticated attacker (who has access as an administrator or less privileged user on the web administration interface) to retrieve files from the filesystem which are readable by the “nobody” system user.
• VMware Tools for Windows Local Binary Planting Vulnerability – securiteam.com
  There is a code execution vulnerability in VMware Tools for Windows that allows a local attacker (being able to log on locally to the virtual machine) to plant a malicious executable with a specific name on the local drive and wait for this executable to get launched when another user logs on to the virtual machine.

Vendor/Software Patches:

• Fixes from MS on the latest DLL flaw
  Microsoft released a fix for the DLL vuln that was discovered lately but it was flawed as well. There I fixed it.
  • MS Fix Shores Up Security for Windows Users – krebsonsecurity.com
  • Microsoft Publishes New FixIt Tool For DLL Bug – threatpost.com

Other News:

• Wolfhound Sniffs out Contraband Cell Phones – gearlog.com
  Using it requires little training and it doesn’t jam cell phones (which is illegal, since it prohibits legal cell phone use).
• Alleged Carder ‘BadB’ Charged in $9 Million ATM Heist – wired.com
  On Nov. 8, 2008, an army of cashers armed with cloned payroll cards simultaneously hit more than 2,000 ATMs around the world, looting them of $9.5 million in less than a day.
• That nice, new computerized car you just bought could be hackable – snosoft.blogspot.com
  While spoofing low-tire-pressure readings does not appear to be critical at first, it will lead to a dashboard warning and will likely cause the driver to pull over and inspect the tire.
• Pirate Bay Documentary in the Works – wired.com
  The director, Simon Klose, who has a law degree, has 200 hours of footage saved up and plans to record more during the trio’s appeal against their verdict, which is set for less than a month from now, on 28 September, 2010.
• Cyber Thieves Steal Nearly $1,000,000 from University of Virginia College – krebsonsecurity.com
  The attackers stole the money from The University of Virginia’s College at Wise, a 4-year public liberal arts college located in the town of Wise in southwestern Virginia.
• Snoop Dogg Joins the War on Cybercrime – securityweek.com
  In a somewhat untraditional partnership, Snoop Dogg and Symantec’s Norton want you to show off your lyrical skills on the subject of cybercrime and enter the “Hack is Wack” cybercrime rap contest.
• New government ID cards easily hacked – thelocal.de
  The sensitive personal information found on the new German identification cards with data chips scheduled for nationwide introduction this November can be easily hacked, according to testing done by a TV news show.
• Remediation – The Game – cigital.com
  Remediation has players compete to end up with the highest score while playing through real life software security scenarios.
• Ambition Over Intelligence – Twitter, OAuth, and Wrong – preachsecurity.blogspot.com
  If you do a web search for “hacked twitter account” you’ll get thousands upon thousands of entries.
• Tech Insight: Retooling Vulnerability Scanning, Penetration Testing for IPv6 – darkreading.com
  Traditional host discovery via network scanning won’t work with IPv6, but alternative methods are available.
• HP Holds Navy Network ‘Hostage’ for $3.3 Billion – wired.com
  After 10 years and nearly $10 billion, many sailors are tired of leasing their PCs, and relying on a private contractor to operate most of their data systems.
• Defending a New Domain – foreignaffairs.com
  Every day, U.S. military and civilian networks are probed thousands of times and scanned  millions of times.
• Defense Department’s Cyberwar Credibility Gap – securityweek.com
  The question posed by Wisniewski and others is, why would a foreign intelligence agency attack the U.S. government with such a low-powered weapon?

The seat of the Southeast, Atlanta is probably well-known as the center of the Coca-Cola empire and the home of CNN. It was also the host of the Olympics in 1996. Atlanta is also home to a few local professional groups.

• OWASP Atlanta Local Chapter – You’ve got plenty of time to hobnob with the folks over at OWASP since the next meeting will still be on September 15. Browse through past meetings or connect through LinkedIn or via the mailing list.
• ISSA Metro Atlanta – With ISSA’s yearly conference happening this September, the chapter’s monthly meeting is moved to next October the 28th. That’s every last Thursday of the month, folks. You can reach out and learn more about them by contacting the group here.
• ISACA Atlanta – This chapter just held an exciting training tract called Geek Week (too bad we missed it). You can get the presentations for that here. You can also view their calendar here, which pegs chapter meetings every third Friday of the month.
• NAISG Atlanta – Meetings for this group are held every second Wednesday of the month at Gordon Biersch. You can subscribe to their lists through this webpage, or if you prefer, connect with them through Facebook or LinkedIn.
• InfraGard Atlanta – A special group that partners private sector security experts with local and federal law enforcement agencies, this chapter of InfraGard is part of the effort to protect the information systems of the Southeast.
• AITP Atlanta – If you’re part of this group, there’s a Roundtable Dinner happening on the 16th of September. Not yet a member of this prestigious IT society? Sign up here.

If the tie-and-suit is not for you and you prefer the classic jeans-and-shirt, maybe these local meetings are more your taste.

• DC404 – While the website isn’t updated, I doubt they’ve stopped meetings at this local Defcon group. Check out past presentations or join the chat list. Meetings are at The Vortex Midtown.
• 404 SE2600 – This site is quite dated as well but the meetings aren’t. Gander at their meeting schedules here or keep up through the many connections they have.
• AtlSec/HotSec/HillBillySec – No recent mentions of gatherings for this CitySec group but you can reach out to Beau Woods for more info.
• Dorkbot-atl – For the tinkerer and hardware hacker in you. Get in touch with them for more info.

There are also a cool hackerspace in Atlanta you should definitely look up.

• Freeside Atlanta – A great place to share knowledge and gain knowledge, Freeside not only offers space but also free classes (donations are encouraged) and open meetings. They need some gifted people for the security sessions so maybe you can join in? It’s manned by 50 members strong and has over 5,500 of space to roll around in. get more info on how to join here.

Lastly, there are a number of security events in the area that will quench your infosec thirst and bring some organized chaos in your life.

• ISSA International Conference – If you’re part of ISSA, I’m pretty sure you already got wind of this September 15 event. It’s packed with a lot of tracts, mostly on the corporate side of security. There’s a SANS training class, a keynote by Howard Schmidt and a threat update panel. Get the agenda here.
• The A List – The recently concluded event by InfraGard armed law enforcement officers with 18 sessions of protection knowledge from Special Agents of the FBI and GBI.
• ShoeCon – A  small commemorative convention held for the family of the recently departed Matthew Shoemaker. Speakers at the event include Irongeek Adrian Crenshaw, Trevor Hearn (Skydog) and Stan Brooks aka WLANstan.
• Outerz0ne – This donation-based conference started out as a response to another event called interz0ne (which looks to be defunct). If you love grassroots events and want to help out fellow security pros, support the next Outerz0ne event next year, if there is one.
• BSides Atlanta – Watch out for this. This BSides event will be coming at you on October 8th at Think Inc. World HQ down at Peachtree. There’s a Call for Theme, CFP and you get CPEs for this event as well. Register here.

There’s always lots going on in ATL so next time you drop by, hook up with a few security-minded local to help show you around.

.

Here are the information security events in North America this month:

AppSec USA 2010: September 7 -10 in Irvine

The International Symposium on Visualization for Computer Security (VizSec):  September 14 in Ottawa

ISSA International Conference: September 15 – 17 in Atlanta

The 13th International Symposium on Recent Advances in Intrusion Detection (RAID): September 15 – 17 in Ottawa

Cyber-RAID: September 16 – 17 in Kansas City

Security BSides KC: September 17 in Kansas City

SANS WhatWorks: Legal Issues and PCI Compliance in Information Security Summit 2010: September 22 – 29 in Las Vegas

20th Virus Bulletin International Conference: September 29 – October 1 in Vancouver

.

And here are the information security events in the other parts of the world:

RSA Conference Japan 2010: September 9 – 10 in Japan

SEC-T 2010: September 9 – 10 in Sweden

ekoparty 6° edition: September 16 – 17 in Argentina

SOURCE Barcelona 2010: September 21 – 22 in Spain

Cyber Security 2010: Protecting Critical National Infrastructure From The Cyber Threat: September 22 – 23 in Belgium

SyScan ‘10 Ho Chi Minh City: September 23 – 24 in Vietnam

BruCON Security Conference: September 24 – 25 in Belgium

Did we miss any events for this month? Leave a comment and we’ll start tracking it.

The Heart of America, Kansas City. If you like great music or want a taste of that special KC barbeque, this is the town to be in. Another reason to visit are the great security pros that call this city home. Here are some local professional groups you can mingle with while in KC.

• OWASP Kansas City Local Chapter – With the next meet still a ways off (October 2010), you can still make it to attend or even present. Attendance is free after all. You can read their mailing list or click through the link above for details on past meetings.
• ISSA – Kansas City – Another premier security group, ISSA hold regular trainings, meetings and networking events. You can check out their past events or read the latest newsletter. Next meeting is on Sept. 23.
• Kansas City Chapter of ISACA – The upcoming meeting at September 9th is a great way to meet other ISACA members in the area. Catch up through their newsletter or glance at the schedule of upcoming events.
• InfraGard Midwest – An FBI-supported group, InfraGard is out to protect the homeland’s infrastructure through a private-public relationship.

Interested in a less formal atmosphere? Here are some local meetings for ya.

• DC816 – A DefCon group headed by Subz$r%. Not much info here, you might want to mail him using the link we gave for more details.
• Greater Kansas City 2600 – Meetings for this group are usually held on the first Friday of the month at the Oak Park food court.

There’s also a very creative group of people hosting a hackerspace in KC.

• The Cowtown Computer Congress – It’s one great bunch and they even had a Mini-Maker Faire and an OMGWTFBBQ a while back. Recent projects include a homemade cotton candy machine and marshmallow shooter kits. Check out their mailing list here.

Finally, there are some security events you can watch out for.

• Cyber RAID-0 – KC’s first cyber warfare event will be held on September 16th. So get those fingers cracking and see if you have what it takes to beat the system.
• BSides KC – BSides is there to handle your post Cyber-RAID trauma (or victory, as the case may be). You’ll get talks, discussions and more.

All this security talk is making me hungry. I’m getting a barbeque.

• MalCon, a security event for malware authors
  Spread across the world, malcoders now have a common platform to demonstrate expertise, get a new insight and be a part of the global MALCODER community.
  • MalCon: A Call for ‘Ethical Malcoding’ – krebsonsecurity.com
  • New Conference Wants to Bring Malware Writers Out of the Shadows – threatpost.com

Resources:

• Recon 2010: Intro to Embedded Reverse Engineering for PC reversers – hexblog.com
  I have also uploaded some of the tools I mentioned, most notably various filesystem extractors compiled for Win32.
• Privacy Now TV – absolute.com
  A new web series, Privacy Now TV, has launched to explore topics around “online privacy and security… in a Facebook world.”

Tools:

• DotDotPwn v1.0 – Directory Traversal Checker/Scanning Tool – darknet.org.uk
  A simple PERL tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers.
• WinAppDbg 1.4 is out! – breakingcode.wordpress.com
  The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment.
• Ostinato 0.2 – code.google.com/p/ostinato/
  Ostinato is an open-source, cross-platform network packet/traffic generator and analyzer with a friendly GUI.
• Better, Faster, Stronger: DLLHijackAuditKit v2 – metasploit.com
  Due to an overwhelming amount of interest in the initial DLLHijackAuditKit released on Monday, I rewrote the tool to use native JScript.
• RSMangler Keyword Based Wordlist Generator – randomstorm.com
  The main new feature is permutations mode which takes each word in the list and combines it with the others to produce all possible permutations (not combinations, order matters).
• WinAppDbg – Python Instrumentation Scripting/Debugging Tool For Windows – darknet.org.uk
  The WinAppDbg python module allows developers to quickly code instrumentation scripts in Python under a Windows environment.
• SIP Inspector – sites.google.com/site/sipinspectorsite/
  SIP Inspector is a tool written in JAVA to simulate different SIP messages and scenarios.
• WebAppTools v0.2 – code.google.com/p/webapptools/
  The given complex is intended for inventory and an security estimation of various (heterogeneous) web-applications. The project is developed with usage of WebEngine kernel.
• RainbowCrack 1.5 released – project-rainbowcrack.com
  One big advantage of 64-bit operating systems is that more than 4 GB of memory can be used by application.
• cvechecker – cvechecker.sourceforge.net/
  The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database.

Techniques:

• EasyRMtoMP3 exploit for Vista SP2 – i8jesus.com
  In my likely impossible challenge to ever understand one of Nico Waisman’s talks, I found corelanc0d3r’s site.
• Favorite nmap NSE scripts – attackvector.org
  I’ve written a couple of posts about it and why I find it so useful, but in this post I’m going to cover some of my favorite scripts that come with the most recent Nmap release.
• Bypassing Restrictive Proxies Part 2, Modified Windows Shell via Metasploit PassiveX – grey-corner.blogspot.com
  In the Download and Execute Script Shellcode post, I discussed some of the problems that a restrictive proxy could pose when you were attempting to use it as transport device for your exploitation traffic.
• New Windows Meterpreter Search Functionality – darkoperator.com
  Yesterday Stephen Fewer committed to the development version of Metasploit code for the Windows Version of Meterpreter for searching thru the file system and using the index service of the modern versions of Windows.

Vulnerabilities:

• DLL Exploit  on Windows
  Microsoft acknowledged in an advisory on Monday a type of attack mechanism known as DLL preloading, or binary planting and said that while it is not new it does have a new remote-attack vector.
  • Microsoft Security Advisory (2269637) – microsoft.com
  • Windows DLL bug hits dozens of apps – cnet.com
  • Details Emerge on Severe Windows App FlawsDetails Emerge on Severe Windows App Flaws – threatpost.com
  • More information about the DLL Preloading remote attack vector – technet.com
  • DLL pre-loading attack vector addressed by Microsoft – sophos.com
  • DLL exploit not a job for secure coding programs – erratasec.blogspot.com
  • Some Linux Distros Vulnerable to Version of DLL Hijacking Bug – threatpost.com
  • DLL hijacking vulnerabilities – sans.edu
  • Video Demo of DLL Hijacking Attack. – attackvector.org
  • HD Moore on the Windows DLL Vulnerability – threatpost.com
  • New DLL Hijacking Exploits (many!) – attackvector.org
  • DLL Hijacking (KB 2269637) – the unofficial list – corelan.be
  • DLL Hijacking: Facts and Fiction – threatpost.com
  • Exploiting DLL Hijacking Flaws – metasploit.com
  • Protecting Against the New DLL Attack – paloaltonetworks.com
  • SET v0.6.1 – Metasploit DLL Hijack Demo – secmaniac.com
  • It’s those darned DLLs again… – windowsir.blogspot.com
  • Alternative DLL Hijacking Method – attackvector.org
  • DLL pre-loading research: the pre-release – fortinet.com
  • DLL Hijacking and Why Loading Libraries is Hard – f-secure.com
  • Mozilla Thunderbird DLL Hijacking Exploit – exploit-db.com
  • VLC Media Player DLL Hijacking Exploit – exploit-db.com
  • Microsoft Visio 2003 DLL Hijacking Exploit – exploit-db.com
  • Autorun DLL Hijacker (USB stick) – attackvector.org
  • Exploiting DLL Hijack in the real world – digitalacropolis.us

Other News:

• Anti-virus Products Struggle Against Exploits – krebsonsecurity.com
  Most anti-virus products designed for use in businesses do a poor job of detecting the exploits that hacked and malicious Web sites use to foist malware, a new report concludes.
• Google Advanced Operators And Government Website Leakage – guerilla-ciso.com
  All the “infosec cool kids” have been having a blast this week using a combination of filetype and site operators to look for classification markings in documents.
• The Government’s New Right to Track Your Every Move With GPS – yahoo.com
  Government agents can sneak onto your property in the middle of the night, put a GPS device on the bottom of your car and keep track of everywhere you go.
• Icons of the Web – nmap.org
  A large-scale scan of the top million web sites (per Alexa traffic data) was performed in early 2010 using the Nmap Security Scanner and its scripting engine.
• Thumb Drive Attack in 2008 Compromised Classified U.S. Networks – threatpost.com
  A senior official at the Department of Defense is talking publicly about a 2008 security breach that he claims compromised classified intelligence networks used by the U.S. military.
• Military Computer Attack Confirmed – nytimes.com
  A top Pentagon official has confirmed a previously classified incident that he describes as “the most significant breach of U.S. military computers ever”.
• DiskGenie hacking – adafruit.com
  Great review / write up and hacking of the iStorage DiskGenie (Portable Encrypted Hard Drive with Secure PIN code access)
• Hackers accidentally give Microsoft their code – zdnet.com.au
  When hackers crash their systems while developing viruses, the code is often sent directly to Microsoft, according to one of its senior security architects, Rocky Heckman.

• Conference swag
  • #defcon 9 to 18 badges laying around. (minus my missing dc 7, 8 or 12 badges) – @blackfeathers
  • defcon badges & other security conference passes – flickr.com
• Metasploit Express crucial to win in South Florida ISSA Hack the Flag – rapid7.com
  Seven teams participated, defending systems running a variety of off-the-shelf services such as HTTP, SSH, FTP, while attempting to take control of other teams’ systems.

Resources:

• BlackHat 2010 – Slides / Paper / Rest. – thinkst.com
  This year my talk was 50 minutes long (i wasn’t convinced that the topic could hold interest for longer periods), and my keynote deck was made up of 38 slides.
• 20 Critical Security Controls – sans.org
  The 20 Critical Controls are the most effective processes that organizations use to stop computer attackers from gaining entry to systems and networks, or to mitigate damage from attackers who get in.
• SQL Injection Cheat Sheet – mavituna.com
  Most of the real world environments may change because of parenthesis, different code bases and unexpected, strange SQL sentences.
• Reverse Engineering over Acrobat Reader using Immunity Debugger (RECON) – securitytube.net
  Blind scanning using generic fuzzers and automated generic tools don’t have a significant level of success anymore.
• Constricting The Web: Post Black Hat – neohaxor.org
  The basic premise of our talk is that web architectures and technology are getting far more complicated and it is not sufficient just to run a vulnerability scanner on an application and call it done.
• How to Render SSL Useless – threatpost.com
  In this video from the OWASP AppSec Research conference in Sweden, security researcher Ivan Ristic of Qualys discusses practical methods for breaking SSL.
• ClamAV for Windows – clamav.net
  ClamAV for Windows utilizes advanced Cloud-based and community-based detection methods.
• Is My Mail Secure? – ismymailsecure.com
  Secure email transfers rely not only on the security of the connection between the mail client (email program) and the email server (or a secure webmail site in the browser), but also on secure connections between servers.
• iPen: Hacking with the iDevice – nickmpetty.com
  So this article/how-to/whatever is just that. A document of my experiences turning my iPod Touch into a all-in-one hacking/penetration-testing platform.
• Steam Hardware & Software Survey: July 2010 – steampowered.com
  Steam collects data about what kinds of computer hardware and software our customers are using.

Situated in the Great Lakes area, Milwaukee is known for its brew and taverns. Aside from that, it also hosts a few local professional groups that keep the security community spirit alive.

• OWASP Milwaukee Local Chapter – Lead by Matthew Chalmers, you can subscribe to their list here.
• ISSA Milwaukee Chapter – This ISSA chapter meets every second Tuesday and discuss a variety of security topics. You can read some of the presentations here.
• ISACA Kettle Moraine Chapter – The chapter meets every second Wednesday between September and May and is open to any professional in the Milwaukee area. Check out their past presentations or view their event calendar.
• InfraGard Wisconsin – One of the larger InfraGard organizations and it covers Milwaukee as well as Madison and Green Bay. Sign up here and be part of this FBI-backed team of security experts.
• AITP Southeast Wisconsin – If you are looking for a more general kind of organization, this is the one for you. Their next meet is on Sept., 23, 2010.Check out more details here.

On top of the formal groups, there are less formal local meetings that let you lose the tie without  losing the attitude.

• DC 414 – Anarchy Angel leads the pack for this DefCon group. The site hasn’t been updated in a while but you can try to catch them at the West Bend Library every first Friday.
• MilSec – A CitySec group that welcomes everyone who works in security, is interested in security or just like to talk (or listen) to security stuff. Follow them here.

There’s also a hackerspace you can visit when in Milwaukee.

• Milwaukee Maker Space – They are still actively looking for a space to rent and for founding members to help out in starting the group up. Join the mailing list here.

If you’re in the city, perhaps you want to pay tribute to the Bronze Fonz, sit down and have a few beers with some of the friendly security folks in Milwaukee.

• “Crack Me If You Can” – DEFCON 2010 – korelogic.com
  The core-count for teams using clusters or EC2 are rough equivalents based on the number of compute-hours they report having used. See each teams’ specific writeup for more details.
• BSidesLasVegas Recap – Day 1 – novainfosecportal.com
  Since I took the most notes on the CCDC talk, I figure I’ll start with the other two first.
• A week of firsts in Vegas: Surviving B-Sides – tripwire.com
  I learned all I could in the 48 hours given, stopping to sleep very little, and two things I learned stand out among the rest.
• Security B-Sides: The anti-conference – youtube.com
  Help Net Security attended this year’s Security B-Sides Las Vegas and in this video you can see co-founder Chris Nickerson talk about the history of the event, what’s happening this year, as well as some future plans.
• RT @dave_rel1k: Follow @DerbyCon for updates regarding the new and upcoming hacker conference #DerbyCon – Sep29-Oct2 2011 – @hdmoore
• Security Ninja Goes Con-Hopping
  • Day two of the Vegas cons, BlackHat, defcon registration and fun conversations – securityninja.co.uk
  • Day three of the Vegas cons, defcon and nine talks – securityninja.co.uk

Resources:

• DEF CON 18 – Getting Social with the Smart Grid Slides Posted – fyrmassociates.com
  My co-presenter, Justin Morehouse, just posted our slides here on SlideShare.
• My SecurityBSides Videos and Demos – securityninja.co.uk
  I recorded the demo videos in quite a high quality format so I hope you will be able to clearly see the demonstrations and see how I fixed the vulnerabilities I was demonstrating.

One of the tech centers of the south, Austin is home to many security professionals who “keep Austin weird”. As such, it comes as no surprise that there are several local professional groups that are helping the infosec community grow in the capital of Texas.

• OWASP Austin Local Chapter – The host of the upcoming LASCON 2010, the Austin chapter holds regular meetings every 3rd Thursday of the month at Sherlock’s. You can view the presentation archives or join the mailing list.
• Austin ISSA – The monthly meetings of this ISSA chapter are held every 3rd Thursday of the month at their new location at the Microsoft Technology Center. You can view their calendar of events or review past meetings.
• ISACA – Austin Chapter – This chapter is the base for over 200 ISACA members in Austin. You can contact them for more information and view past newsletters.
• InfraGard Central Texas Members Alliance – This FBI-backed group is a network of security specialists from the private sector and government agencies that work together to gather information and safeguard the national infrastructure. Meetings are every second Thursday of the month at Signature Science. Join here or check out a few of the past meetings.
• AITP Austin – A focal point of the Austin IT community, this chapter has been serving the Central Texas professional scene since 1954.

Here are also a few local meetings being held in the area.

• DC512 – Founded in 2004, you can contact mage2 for more info about this group.
• ATX-2600 – War driving, phreaking and social engineering. These are just some of the crafty activities you can do in this group. It does take a lot of insider info to get in though but if you have what it takes, just join up here.
• Austin 2600 – Meets every first Friday of the Month at SpiderHouse. Their website is awesome, by the way.
• AHA! – Yes, the exclamation point is part of the name. It’s probably the largest group if loosely-affiliated security pros in the Austin area. Meets are around every last Wednesday of every month. Check out the members or visit the site to see the past meetings.
• Computer Academic Underground – Here’s another group for you (not sure if they are active though), which does regular speaking engagements all over the Dallas-Austin area. Read their blog.
• CitySec Austin – Haven’t found their website or if they even meet anymore. Last we heard is that they meet every third Thursday at the Berryhill Baja Grill. If anyone has info of them, let us know.
• Dorkbot Austin – It’s a regular meeting of artists, hackers and more. If you want to find out where they meet just tune in here.

There are also a few hackerspaces to help with your tinkering.

• Conjunctured – The very first coworking space in Austin and it’s pretty booked but you can put yourself on the waiting list. Come and enjoy their executive suite amenities including a kitchenette, high speed wireless internet and your own conference room. Check out photos here.
• ATX Hackerspace – This space has a great motto: “Make a difference , be excellent to each other.” participate in some awesome workshops and projects at their site at Rutherford Lane. Interested? Be a member here or browse the photo gallery.
• ACTLab – Located in the University of Texas in Austin, this one of the oldest spaces in Texas – even before the term hackerspace was coined. Their prime directive: Make Stuff! That pretty much sums up what you should be doing when in this place. Know the ins and outs through their listserv.

Finally, we have a list of security events you might want to be part of when in the Austin area.

• CONSEC – An executive gathering for security professionals, this event is focused more on the business side of the infosec coin. C-level executives should come over to the Norris Conference Center on September 27 – 29.
• TRISC – A two-day conference that aims to inform people on the information security industry. Don’t worry, you have quite some time to prepare as the next one is in July 2011 here in our lovely city.
• BSides Austin – The last event was held in the Norris Conference Center, same as CONSEC. Since this just finished a couple of months ago, expect the next one in 2011 for your fill of BSides fun.
• LASCON – Lastly, OWASP’s  Lonestar Appsec Conference  will be held in, you guessed it, Norris Conference Center on the 29th of October. Register here.

That list should serve nicely to satisfy your Austin meetup cravings as well as whet your infosec events appetite. Let us know in the comments other places you or security professionals you know like to meet and hang out.

Events Related:

• BlackHat / DefCon 18 related posts
  • Highlights from Black Hat and Defcon – readwriteweb.com
    Here’s our round-up of highlights from the two security events from around the web.
  • Black Hat & DEFCON Observations – bobbydominguez.com
    Both cons have their own distinct culture and participants, but you’ll see Black Hat attendees stay for the Defcon forums.
  • Corey’s 2010 Las Vegas BlackHat DefCon summary – intrepidusgroup.com
    The IG gang spent last week out in Vegas for the annual BlackHat and DefCon trips. While I missed a handful of high profile talks.
  • higB’s 2010 Las Vegas BlackHat DefCon summary – intrepidusgroup.com
    Amanda did a great job making sure we were in the Palace tower (not the stinky Forum tower).
  • Max’s 2010 Las Vegas BH/DC Summary – intrepidusgroup.com
    The WiMAX Hacking (https://groups.google.com/group/wimax-hacking) talk, from Pierce, Goldy, and aSmig feat. sanitybit was great.
  • Zach’s 2010 BlackHat/DEFCON/B-Sides Las Vegas summary – intrepidusgroup.com
    I was aiming not to be the last contributor to this series, given that I’ve already received my proper lashings for slagging on posts as is.
  • Black Hat 2010 – appsecinc.com
    What used to be a couple of booths at the side of the hallway is now a dedicated hall with almost every security vendor showing a presence.
  • BlackHat 2010 Recap – midnightresearch.com
    Overall it was a good conference and similar to last year.
  • Digital Forensics Case Leads Aug 5, 2010: Defcon 18 and more – sans.org
    We have news and coverage from a forensic and incident response viewpoint, including news about the Wikileaks incident you might not have seen elsewhere.
  • Hacker Wonderland: DefCon 18 in Photos – wired.com
    Photostream of badges, underwear, locks and other stuff you only see at Defcon
  • DefCon Talks: – securepla.net
    I complied some of the talks that I found interesting during DefCon this year.
  • DefCon 18 Day 2 – it.toolbox.com
    Lots of angry, sweaty nerds lamenting decisions to attend talks.
  • The hackers life – my weekend at Defcon - nationalgeographicassignmentblog.com
    As we get closer to the hall where Paget is presenting, I can hear someone yelling, “if you have a GSM cell phone, your call may be intercepted.
• Korelogic competition, Team hashcat – korelogic.com
  When the initial list of hashes was received from KoreLogic it was split into text files which each contained a specific hash type.

Resources: