[Owasp-cincinnati] Upcoming OWASP Cincinnati April Meeting
Marco M. Morana
marco.m.morana at gmail.com
Sun Apr 19 09:12:38 EDT 2009
Upcoming April Meeting
a.. When: Tuesday, April 28th, 12.00 - 1.30 PM
If you plan to attend the meeting please RSVP by email to Marco Morana (marco[dot]m[dot]morana[at]gmail[dot]com)
You can also register to the event via OWASP google calendar @ http://www.google.com/calendar
a.. Presentation: Bad Cocktail: Application Security Flaws + Targeted Phishing
Rohyt Belani is CEO and co-founder of the Intrepidus Group : Site takedown services, anti-phishing filters, and millions of dollars worth of protective technologies...and the spear phishers are still successful! This presentation will discuss why this is the case. Today, phishing is a key component in a "hackers" repertoire. Phishers are combining social engineering with application security flaws in well known websites to make automated detection of targeted phishing attacks almost impossible. The result - hijacked online brokerage accounts, stolen identities and e-bank robberies. During this talk, I will present the techniques used by attackers to execute such spear phishing attacks, and real-world cases that I have responded to that will provide perspective on the impact. I will then discuss countermeasures that have been proven to be effective and are recommended by reputed bodies like SANS and Carnegie Mellon University.
a.. Presenter Bio
Rohyt Belani is CEO and co-founder of the Intrepidus Group, and Adjunct Professor at Carnegie Mellon University. Prior to starting the Intrepidus Group, Mr. Belani has held the positions of Managing Director at Mandiant, Principal Consultant at Foundstone and Researcher at the US-CERT. He is a contributing author for Osborne's Hack Notes - Network Security, as well as Addison Wesley's Extrusion Detection: Security Monitoring for Internal Intrusions. Mr. Belani is a regular speaker at various industry conferences including Black Hat, OWASP, ASIS, SecTOR, Hack in the Box, Infosec World, TechnoSecurity, CPM, ISSA meetings, and several forums catering to the FBI, US Secret Service, and US Military. He has written technical articles and columns for online publications like Securityfocus and SC magazine, and has been interviewed by BBC Radio, Forbes magazine, eWeek, ComputerWorld, TechNewsWorld, InformationWeek, Information Today, IndustryWeek, E-Commerce Times, SmartMoney, and Hacker Japan. Mr. Belani holds a Bachelor of Engineering in Computer Engineering from Bombay University and a Master of Science in Information Networking from Carnegie Mellon University. He currently leads the OWASP Java Project a world-wide consortium of Java security experts.
a.. Location / Venue Sponsor: Citibank 9997 Carver Road, Bldg. 1, Cincinnati, Ohio, 45242-5537
For help with directions contact Citi Blue Ash help desk at (513) 979-9000 or check directions herein.
Please access the building from the visitor lobby. OWASP meetings are held at the "Buckeyes" lecture room.
a.. 12:00 - 12:15 Registration and Peer-to-Peer Networking
b.. 12:15 - 12:30 OWASP Updates
c.. 12:30 - 1:30 Presentation
a.. Proof of ID is required to attend the meeting
Citi guards verify that you pre-registered to the meeting by checking the RSVP list. Once you are checked and identified (please bring a proof of ID) you will be granted visitor access to the training facilities.
a.. Presenter logistics
Presentations material ( e.g. powerpoint, flash demos) should be made available on USB memory stick. Presentations are uploaded and ran on a MS Windows XP loaded Citi owned laptop. External internet connection is provided.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-cincinnati