Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: Shmoocon

ShmooCon 2012: Raising The White Flag

8 Comments Posted by on January 28, 2012

Raising The White Flag :: Bypassing Application White Listing – Curt Shaffer and Chris Cuevas NOTE: The video of this talk has now been made available over at the ShmooCon website. More and more people are seeing application whitelisting in their environments. Despite what marketing people say, these solutions don’t stop APT and other advanced [...]

Conference, Security ,

ShmooCon 2012: Java backdoors and Cross Framework Abuse

3 Comments Posted by on January 28, 2012

Java backdoors and Cross Framework Abuse – Nicholas (aricon) Berthaume Adding backdoor(s) Java has a number of different archive formats. This talk covers the J2SE / J2EE type archives. The goal here is to show how simple it is to add potentially malicious software to three of the most common format. JAR – Java ARchive [...]

Conference, Security , ,

Shmoocon round-up

Leave a Comment Posted by on February 14, 2011

It’s been a whirlwind since I got back from DC… With work, private stuff and the odd SAP presentation. Still, Shmoocon remains fresh in my mind. After a shaky start (whoops, my planes been cancelled), I finally got to DC with a short detour through New York and the usual run around from Delta airlines. [...]

Conference, Security , ,

Shmoocon 2011: URL Enlargement: Is it for you?

Leave a Comment Posted by on January 30, 2011

URL Enlargement: Is it for You? Daniel Crowley What’s behind short URLs? Are short URLs really being used for bad things? Do URLs contain sensitive information Can you get short URLs removed What are the possible solutions Underlying issues Easily guessable URLs Storage of sensitive data in URLs Authentication based on knowledge of the URL [...]

Conference, Security , ,

Older posts

Follow

Get every new post delivered to your Inbox.