The Federal System’s Need for a Security Assessment Process: Part 1

Federal agencies, due to Federal Information Security Management Act (FISMA) requirements, are obligated to assess the effectiveness of their systems, as well as the security controls that are in place as part of the certification and accreditation (C&A) process before operations can be approved.

EC-Council to Host Advanced Technical Security Summits in Alexandria and San Jose

The Center of Advanced Security Training (CAST) - the advanced training division of EC-Council - announces the next installment of its successful advanced training series ‘EC-Council Summit’ (formerly known as CAST Summit) March 19-22 in Alexandria, Virginia and March 26-29 in San Jose, California. This series of summits features five highly technical workshops in ethical hacking, penetration testing, mobile hacking/forensics, application security and network defense.

EC-Council Summit San Antonio 2012, June 11-14

The all-new EC-Council Summit series is created to make advanced security training opportunities available for information security professionals across the globe. Attendees get to choose from a selection of highly technical and advanced training workshops offered by EC-Council Center of Advanced Security Training (CAST), covering current and important security topics such as penetration testing, cryptography, network defense, application security, mobile hacking and forensics, crimeware attribution, etc. The event concludes with a one-day security training seminar that is specially designed to comprise a few mini-lectures and allows participants to actually learn, and not just listen or be rushed through a short presentation as happens at some other events or conferences. For the schedule of the EC-Council Summit, please visit: http://www.eccouncil.org/summit

EC-Council Summit Boston 2012, June 4-7

The all-new EC-Council Summit series is created to make advanced security training opportunities available for information security professionals across the globe. Attendees get to choose from a selection of highly technical and advanced training workshops offered by EC-Council Center of Advanced Security Training (CAST), covering current and important security topics such as penetration testing, cryptography, network defense, application security, mobile hacking and forensics, crimeware attribution, etc. The event concludes with a one-day security training seminar that is specially designed to comprise a few mini-lectures and allows participants to actually learn, and not just listen or be rushed through a short presentation as happens at some other events or conferences. For the schedule of the EC-Council Summit, please visit: http://www.eccouncil.org/summit

TakeDownCon Dallas 2012, May 4-9

This highly technical IT security conference series was launched in 2011 in Dallas, Texas. TakeDownCon is a no-frills, topic-focused conference series targeted at security engineers, researchers and analysts. The theme of this unique event series revolves around some of the most talked-about security issues, such as Web Application Security, SCADA and Critical Infrastructures, and Cloud Security, among others. Cities earmarked to host TakeDownCon in the near future are Las Vegas, Chicago, New York, Washington DC, Amsterdam, London, Johannesburg, Singapore, among others. For more information about TakeDownCon, please visit: http://www.takedowncon.com

EC-Council Summit Alexandria 2012, March 19-21

The EC-Council Summit (formerly known as CAST Summit) is designed with one purpose in mind, to enrich security professionals with the skills and knowledge surrounding the ever-evolving information security landscape. Attendees get to choose from a selection of highly technical and advanced training workshops led by subject matter experts and industry practitioners, covering essential security topics such as penetration testing, cryptography, network defense, application security, mobile hacking and forensics, crimeware attribution, etc. The Summit concludes with a one-day training seminar that is specially designed to comprise a few mini-lectures, and allows for participants to actually learn, and not just listen or be rushed through a short presentation.

The Open Organisation Of Lockpickers (TOOOL) Presentation at ShmooCon 2012

The mission of the Open Organisation Of Lockpickers is to advance the general public knowledge about locks and lockpicking. By examining locks, safes, and other such hardware and by publicly discussing our findings we hope to strip away the mystery with which so many of these products are imbued.

Microsoft Outlook File Attachment Denial Of Service Vulnerability


Microsoft Windows MP3 Audio Codec Divide-by-Zero Denial Of Service


Google Wallet Toots Two Security Flaws

This week, two different security researchers discovered two serious security flaws in the payment system. The first weakness is in the Google Wallet PIN protection system: the PIN can be cracked by brute force in a matter of seconds, giving access to the owner's digital wallet. A successful attack gives the attacker access to key information on a rooted smartphone, including credit card numbers and transaction history.