[Owasp-ireland] OWASP Ireland News: 3rd December 2010

fabio.e.cerullo at aib.ie fabio.e.cerullo at aib.ie
Fri Dec 3 07:17:17 EST 2010


********************************************************************************
1. iPhone URL display potential security threat
2. RSA Online Fraud Reports: November 2010
3. Weaving a Dangerous Web: Websense 2010 Threat Report
4. OWASP Ireland Christmas Event - Next 9th December
5. OWASP Ireland 2011 Activities
6. OWASP Ireland Board: Thank you Rahim!
********************************************************************************

1. iPhone URL display potential security threat
Security research specialist Nitesh Dhanjani has demonstrated how mobile 
Safari's ability to hide a web page's URL can be used to trick users. 
Specifically, his proof-of-concept site shows a "fake" URL filed once the 
real one has been hidden, preventing users from realizing that they're not 
looking at the site they intended to see. 

More info on his blog: 
http://www.dhanjani.com/blog/2010/11/ui-spoofing-safari-on-the-iphone-.html

ps: thanks Steve W, for sharing this link.

2. RSA Online Fraud Reports: November 2010
This month's highlight is based on an analysis conducted by the RSA 
FraudAction Research Labs on the release of Zeus 2.1. The new Zeus Trojan 
offers advanced features such as digital signing verification and data 
encoding to prevent outsiders, such as security researchers and law 
enforcement, from being able to analyze the Trojan files or access stolen 
data captured by malware. 

Full report here: 
http://www.rsa.com/solutions/consumer_authentication/intelreport/11188_Online_Fraud_report_1110.pdf

3. Weaving a Dangerous Web: Websense 2010 Threat Report
The Websense 2010 Threat Report conclusions are based on the analysis of 
Websense Security Labs™ researchers, who rely on their ThreatSeeker® 
Network, which every hour scans more than 40 million websites for 
malicious code and nearly 10 million emails for unwanted content and 
malicious code. A full copy of the Websense 2010 Threat Report, video 
introduction and background materials can be viewed in the URL below.

http://www.websense.com/content/threat-report-2010-introduction.aspx?cmpid=prblog

4. OWASP Ireland Christmas Event - Next 9th December

This is an invitation for OWASP Ireland Members to our Christmas Social 
Gathering 2010. Come and join us for a few drinks, laughs and a bit 
o'craic!

Where: Dandelion, 130 St Stephen's Green, Dublin 2

When: Thursday, December 9th 2010, 6:30pm - 9:30pm

Drinks & Nibbles: FREE

Please register in the URL below:

http://owasp-ireland-xmas.eventbrite.com (registration closes wednesday 
8th)

I would appreciate if you could register before end of this week so we get 
an idea on numbers.

5. OWASP Ireland 2011 Activities

This year is almost over but we are already planning plenty of activities 
for the next one!

** Next 11th March we are going to have a full day training on "OWASP 
projects and resources you could use today"

- The courses are FREE for OWASP members - being that by the time of the 
training event anyone may become a member if they desire to do so; 
- The contents are OWASP projects focused – to promote the awareness of 
our Projects and the understanding of how they fit into an Enterprise's 
security ecosystem or in its Web Application Development Life-cycle; 

A succesful training was held in London this year and here you could find 
all the details about it:

http://www.owasp.org/index.php/London/Training/OWASP_projects_and_resources_you_can_use_TODAY

** Next June we are hosting OWASP AppSec EU in Trinity College, Dublin. 

This time is going to be bigger than ever expecting attendees & speakers 
from all around the world.

If you want to volunteer helping with the organization, be a speaker, 
sponsor, etc please contact ireland at owasp.org

6. OWASP Ireland Board: Thank you Rahim!

As some of you might know, Rahim is leaving Ireland for some warmer 
pastures in the US west coast. He has been an endless source of support, 
guidance and assistance to the OWASP Ireland chapter. From 2011, he will 
be an OWASP Ireland Board Advisor based in the US and we will shortly 
start the process to replace his vacancy in the Board. If you are 
interested in application security and would like to become an OWASP 
Ireland Board member please drop
us a line.

I would like to personally thank Rahim for the help provided and wish him 
the best of luck in his new endeavors.

I believe he will be around next 9th December at our Xmas Social Event to 
have a final toast with us.

Thanks,

Fabio Cerullo
OWASP Ireland
ireland at owasp.org

This document is strictly confidential and is intended for use by the addressee unless otherwise indicated. Allied Irish Banks, 
AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Central Bank of Ireland.  Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173.
~~~~~~~Please consider the environment before printing this Email~~~~~~~~
This email has been scanned by an external Email Security System.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20101203/efe59a6b/attachment.html 


More information about the Owasp-ireland mailing list