hitbmalaysia

What’s HOT in Application Security Vol#31

Oct 09, 2012 By asaphs

This Year’s Hack In The Box Conference To Hold Big Hitters In The Web Application Security World

This year’s famous Hack In The Box security conference is being held in Kuala Lumpur. Among the interesting events, Google will be hosting its Pwnium competition which first debuted at the CanSecWest security conference in March in Vancouver, British Columbia.

Google will be allowing hackers and security researchers to compete for over $2 million dollars in rewards for those able to find vulnerabilities in Chromium browser. Other ‘hacking’ events will include a 32 hour ‘Capture the Flag’ event. Teams of three will compete to hack ‘nuclear power plants’ while others will be responsible for defending them.

Interesting visitors this year include Charlie Miller, a twitter representative who is expected to unveil his NFC (near field communications) work which will focus on how software used to build NFC protocol can be used for hacking usages.

For more information please go to:

http://www.computerworld.com/s/article/9232156/Hack_in_the_Box_kicks_off_jam_packed_security_conference

Philippine Hackers Target Government Emergency Information Sites Over New Cybercrime Law

A Philippine Government official stated last week that hackers upset about a new controversial cybercrime law have targeted government sites that deliver emergency information during natural disasters.

Close government officials have pleaded with the hackers to stop the attacks on sites which include, the weather service, the earthquake and tsunami monitoring service and the social welfare agency.
The latest wave of cyber-attacks are a response to new cyber-crime law which seeks to eliminate offences such as fraud, identity theft, spamming and child pornography amongst others. However, cyber protesters claim that the new law will curb personal freedoms. Under the new cyber laws, the government will be able legally monitor online activities, such as, email, video chats, and close down websites that it views as criminal.

For more information please go to:

http://www.thejakartaglobe.com/seasia/philippines-appeals-to-hackers-to-cease-attacks-over-cybercrime-law/548627

Hackers Attack University Servers As A protest To The Rising Cost And poorer Standards Of higher Education

A hacking group calling themselves ‘team Ghostshell’ have published a list on PasteBin of data they claimed was stolen from top Universities such as Stanford University, Cambridge University, University of Zurich as well as nearly 50 others.

The hackers claimed that the leaked data included roughly 120,000 accounts which included usernames and passwords. Whilst most Universities labeled the breaches as ‘minor’, experts agree that Universities should take the attacks as a sign that they need to up on security measures. One security analyst remarked that most have very or little knowledge of how many servers are running on their networks, let alone how many of those are secure.

For more information please go to:

http://www.techweekeurope.co.uk/news/anonymous-protesters-hack-university-servers-95338

The following two tabs change content below.

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.