Archive for the “Security” Category

Venue: Sheraton Dubai Creek,
Baniyas/Creek Road,
Dubai, UAE

Technical Training – DAY 1 and DAY 2
Date: 20th and 21st April 2009
Time: 0900 – 1700

TECH TRAINING 1 – Web Application Security – Threats and Countermeasures
TECH TRAINING 2 – 802.11 Ninjitsu
TECH TRAINING 3 – The Exploit Laboratory 3.0

Conference DAY 1 and DAY 2
Date: 22nd and 23rd April 2009
Time: 0900 – 1700

Dual Track Conference
Capture The Flag (CTF)

More details, please visit http://conference.hitb.org/hitbsecconf2009dubai/

Comments No Comments »

The venue for this year’s Hack in The Box Security Conference has been changed to CROWNE PLAZA MUTIARA KUALA LUMPUR. The reason for this change is due to unreasonable conditions placed upon us by The Westin which makes it impossible for us to proceed with having the conference there. Trust that we did try everything possible and greatly regret any inconvenience this change may cause.

For full details on the Crowne Plaza Mutiara, please click here

Comments No Comments »

Kudos to aphesz for making the rules. Well basically the rules is to send an email to admin especially for webhosters admin a notification about which site is under phishing attack. Below are the rules that you need to put in web_rules.xml at the end of file but before </group> closing tag.

<rule id=”31190″ level=”12″>
<if_sid>31100</if_sid>
<url>paypal.co|hsbc.co|citibank.co|ebay.co|barclays|amazon.co|</url>
<url>verizon.net|lloyds.com|maybank2u|maybank|e-gold.com</url>
<description>Phishing sites detected. System check advisable.</description>
<group>attack,</group>
</rule>

Now restart OSSEC and it should be picking up sites according to the keywords set. Keep in mind that the keywords above are just among the few popular sites that are usually being targeted. You’re free to add/remove those keywords as per your needs. Also, if you set OSSEC to email alerts to your mailbox, you’ll be getting these whenever it detects a phishing site. The best part is if you have APF to work along together. It will block who are trying visit the phising site. Usually the uploader of phishing site will get blocked because they want to check if their scripts is working or not ;)

Comments No Comments »

Event Details

Venue: The Westin Kuala Lumpur

Hands-On Technical Training Sessions – DAY 1
Date: 27th October 2008
Time: 0900 – 1830

TECH TRAINING 1 – Structured Network Threat Analysis and Forensics
TECH TRAINING 2 – Bluetooth, RFID & Wireless Hacking
TECH TRAINING 3 – Web Application Security – Advanced Attacks and Defense
TECH TRAINING 4 – The Exploit Laboratory

Hands-On Technical Training Sessions – DAY 2
Date: 28th October 2008
Time: 0900 – 1830

TECH TRAINING 1 – Structured Network Threat Analysis and Forensics
TECH TRAINING 2 – Bluetooth, RFID & Wireless Hacking
TECH TRAINING 3 – Web Application Security – Advanced Attacks and Defense
TECH TRAINING 4 – The Exploit Laboratory

Conference DAY 1
Date: 29th October 2008
Time: 0900 – 1800

Triple Track Security Conference featuring new HITB Labs
Capture The Flag (CTF)
Lock Picking Village
Wireless Village
Open Hack

Conference DAY 2
Date: 30th October 2008
Time: 0900 – 1930

Triple Track Security Conference featuring new HITB Labs
Capture The Flag (CTF)
Lock Picking Village
Wireless Village
Open Hack

Details available here

Comments No Comments »