Showing posts sorted by relevance for query Defcon. Sort by date Show all posts
Showing posts sorted by relevance for query Defcon. Sort by date Show all posts

NSA Calls Defcon The "World's Best Cybersecurity Community" & Asks for Their Help

Posted by Avik Sarkar On 8/01/2012 02:10:00 am

NSA Calls Defcon The "World's Best Cybersecurity Community" & Asks for Their Help

A week ago DEFCON confirmed the presence of National Security Agency Director General Keith B. Alexander at DEFCON 20 in Las Vegas.  “I’ve spent 20 years trying to get someone from the NSA” to speak at Defcon, said Defcon founder Jeff Moss, who serves on the U.S. Homeland Security Advisory Council and is chief security officer for ICANN. Moss added “On the NSA’s 60th anniversary and our 20th anniversary this has all come together.” Here comes a double boom, Mr. Alexander not only attended the world's largest annual party but also greets Defcon the "world's best cybersecurity community" and asks for their help to secure cyberspace. Hackers can and must be part, together with the government and the private industry, of a collaborative approach to secure cyberspace, he said. Hackers can help educate other people who don't understand cybersecurity as well as they do, the NSA chief said. "You know that we can protect networks and have civil liberties and privacy; and you can help us get there."
Gen. Alexander congratulated the organizers of Defcon Kids, an event dedicated to teaching kids how to be white-hat hackers, and described the initiative as superb. He called 11-year-old Defcon Kids co-founder CyFi to the stage and said that training young people like her in cybersecurity is what the U.S. needs.
He encouraged hackers to get involved in the process. "We can sit on the sidelines and let others who don't understand this space tell us what they're going to do, or we can help by educating and informing them" of the best ways to go forward. "That's the real reason why I came here. To solicit your support," he said. "You have the talent. You have the expertise." The hacker community has built many of the tools that are needed to protect cyberspace and should continue to build even better ones, he said during his keynote at Defcon. He gave the example of Metasploit and other penetration testing tools. 
VOGH Reaction:-
On behalf of VOGH team I personally thanks Mr. Keith B. Alexander for his presence at DEFCON. I do believe that such approach will encourage young hackers, and will surely give them extra enthusiasm, by which in coming future we will get a better and much secured cyber space. 


-Source (PCW)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Director of National Security Agency Will Join DEFCON 20 Hacking Conference

Posted by Avik Sarkar On 7/24/2012 01:36:00 am

Director of National Security Agency Will Join DEFCON 20 Hacking Conference

Great news for hackers and security professionals who will attend the most awaited & the world's largest annual hacking party "DEFCON 20" in Las Vegas next week will have a rare chance to rub shoulders with the head of the U.S. National Security Agency. The Defcon 20 official page is saying that the director of the spy agency, Mr. General Keith Alexander will speak at the Defcon conference, marking the highest-level visit to date by a U.S. government official to the colorful gathering. 
The founder of Defcon and renouned hacker Mr. Jeff Moss said who is known as the Dark Tangent said "We're going to show him the conference. He wants to wander around". Still, Moss said he expect there could be some controversy over Alexander's presence among the diverse hacker crowd that attends the conference. The NSA plays both offense and defense in the cyber wars. It conducts electronic eavesdropping on adversaries, in addition to protecting U.S. computer networks.
"I expect some people will say 'You are a sellout for having someone from the NSA speak" Mossed added.
He said he's spent a decade trying to get the head of the NSA to speak at Defcon, but he never imaged it would actually happen: "To me this is really validating of the whole culture."
Defcon offers a side conference for children, Defcon Kids, which Alexander will likely visit. It also trains hackers to pick locks and has an annual contest to measure who is best at persuading corporate workers to release sensitive data over the phone. Moss said he invited federal agents to the first Defcon conference, but that they politely declined. They showed up anyway, incognito. They kept coming, in bigger numbers, sometimes in uniform. "We created an environment where the feds felt they could come and it wasn't hostile," Moss said. "We could ask them questions and they wanted to ask the hackers about new techniques."


-Source (Huffington Post)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Kids (Age Between 8-16 Years) Conference to Teach "White Hat" Skills

Posted by Avik Sarkar On 6/24/2011 09:24:00 pm



DEFCON was started in 1993, and has grown into the largest annual gathering of hackers. Attendees to this year’s conference, DEFCON19, will include cyber-criminals, hackers, computer security professionals, security personnel, US Federal agents, and any one else with interest in anything that can be hacked. Activities at the event include speakers on different subjects of interest to hackers, social events and contents. In August the first ever DEFCON kid’s conference will take place. This conference will be run as part of the main DEFCON conference, and is meant to teach kids between 8 and 16 years “white hat” hacker skills. As opposed to “black hat” hacking, the DEFCON Kids will be taught “white hat” hacker skills that will give them the ability to protect themselves against cyber crime. Black hat involves the dark side of internet hacking, including looting of money and destruction of hardware or software. The aim is to convince kids that it is cool to fight crime by being an ethical hacker.
The courses will be run by some of the world’s most elite hackers. According to the DEFCON Kids website, the training and demonstrations will include “learning how to open Master locks, Google Hacking, making Electronics, Social Engineering, coding in Scratch and Communicating in Code.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Voice of Greyhat Released Their 2nd Magazine "VOGH RELEASED II | DEFCON Chennai The Reality"

Posted by Avik Sarkar On 9/27/2011 06:31:00 am


Voice of Greyhat (VOGH) released their second  magazine named "VOGH RELEASED II | DEFCON Chennai  The Reality"

VOGH RELEASED II | DEFCON Chennai  The Reality Contents:- 
  • Introduction
  • What is DEFCON 
  • Brief History of DEFCON
  • DECFON Chennai
  • The Reality 
  • Conclusion


Download:- Archiver Format | PDF Format



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Zero-day Exploit in iOS Games Exposed by a Teenagers (10-Year Old Girl)

Posted by Avik Sarkar On 8/09/2011 04:16:00 pm


A 10-year-old California girl’s presentation at a hacker conference in Las Vegas is getting a lot of attention. The girl, who uses the pseudonym “CyFi,” revealed a zero-day exploit in games on iOS and Android devices that independent researchers have confirmed as a new class of vulnerability Zero-day exploits are used or shared by attackers before the developer of the target software knows about the vulnerability. The girl first discovered the flaw earlier this year because she was bored with the pace of farm-style games.
While CyFi isn’t revealing which games are affected, most of them have time-dependent factors. She opened up the exploit by manually advancing a phone or tablet’s clock to force a game ahead in time. Some games block such a trick but the young hacker says she found ways to avoid those detections such as disconnecting the phone from Wi-Fi and making incremental clock adjustments.
CyFi’s presentation was part of DefCon Kids, a new offshoot of the annual hacker convention that features an area where kids can learn how to do things like open master locks, do certain kinds of hacks, code in scratch and communicate in code.
While her presentation at DefCon was her first public vulnerability disclosure, CyFi said she was only a little nervous. An artist, girl scout and downhill skier, she has spoken publically numerous times, usually at art galleries as a member of “The American Show,” an underground art collective based in San Francisco. According to her bio on the DefCon Kids Web site, CyFi has had her identity stolen twice.
Rosenblatt points out that the new DefCon Kids programming reflects that “members of the hacking community are getting older and raising families.”


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

CDMA and 4G WiMAX Wireless Networks Compromised (#Defcon)

Posted by Avik Sarkar On 8/12/2011 04:27:00 pm


A post on the Full Disclosure mailing list claims both CDMA and 4G WiMAX wireless networks were compromised using a man-in-the middle attack at Defcon earlier this week.
Coderman, who posted the information, was a witness to the attack which gained access to Android smart phones and PCs on the local CDMA and 4G cellular network. The hackers started with simple exploits, like looking for devices with superuser access and sending remote notifications that opened a backdoor to the device. They then used more complex techniques until a device was compromised.
The goal of the attack was a mass infiltration of devices and the interception of data on commercial licensed bands. According to Coderman, this goal was achieved.
There's lot of speculation about how this hack was pulled off, but the group behind it has not released any details. Until someone comes forward with more information, we can't assess the seriousness of this attack, nor speculate whether it would work outside the conference.
To know the full disclosure report click here 
-News Source (gizmodo & defcon)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Google's reCAPTCHA System Cracked By Hackers at Defcon Group

Posted by Avik Sarkar On 5/31/2012 07:23:00 pm

Google's reCAPTCHA System Cracked By Hackers at Defcon Group 949

Web-security under serious trouble, a group of hackers from Defcon Group 949 managed to crack Google's reCAPTCHA system with a success rate of better than 99 percent. Last week in LayerOne security conference in Los Angeles they demonstrated their research. But just an hour before the presentation, Google made improvements to its CAPTCHA system and fixed those flaws.
In their site they said - that they have developed everything using Ubuntu 10.04, Ubuntu 11.04, and Debian 6, however it should work on any Linux distribution without too much effort. The one thing we noticed when testing it on Ubuntu 12.04 is that it comes with a slightly different version of SoX, which has some changes which drops accuracy from 99% to around 60%. So for best results, you'll want to use SoX v14.3.0 (or v14.3.1). 

They have also developed a tool named "Stiltwalker" a proof of concept tool that defeats Google's reCAPTCHA with an insanely high accuracy (99%). All the research, code, tools and examples used in the reCAPTCHA domination made available to download for all.






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NSA (National Security Agency) is Searching For Good Hackers

Posted by Avik Sarkar On 8/03/2011 05:31:00 pm

 
The National Security Agency has a challenge for hackers who think they’re hot stuff: Prove it by working on the “hardest problems on Earth.”
Computer hacker skills are in great demand in the U.S. government to fight the cyberwars that pose a growing national security threat — and they are in short supply.

For that reason an alphabet soup of federal agencies — DOD, DHS, NASA, NSA — are descending on Las Vegas this week for Defcon, an annual hacker convention where the $150 entrance fee is cash only — no registration, no credit cards, no names taken. Attendance is expected to top 10,000.
The NSA is among the keen suitors. The spy agency plays offence and defence in the cyberwars. It conducts electronic eavesdropping on adversaries, and it protects U.S. computer networks that hold super-secret material — a prime target for America’s enemies.

“Today it’s cyberwarriors that we’re looking for, not rocket scientists,” said Richard “Dickie” George, technical director of the NSA’s Information Assurance Directorate, the agency’s cyber-defense side.

“That’s the race that we’re in today. And we need the best and brightest to be ready to take on this cyberwarrior status,” he told Reuters in an interview.
The NSA is hiring about 1,500 people in the fiscal year, which ends Sept. 30, and another 1,500 next year, most of them cybersecurity experts. With a workforce of about 30,000, the Fort Meade-based NSA dwarfs other intelligence agencies, including the CIA.
It also engages in cyber-spying and other offensive operations, something it rarely, if ever, discusses publicly.
But at Defcon, the NSA and other “Feds” will be competing with corporations looking for hacking talent.
The NSA needs cybersecurity experts to harden networks, defend them with updates, do “penetration testing” to find security holes and watch for signs of cyberattacks.
The NSA is expanding its fold of hackers, but George said there is a shortage of those skills. “We are straining to hire the people that we need.”

It might seem to be an odd-couple fit — strait-laced government types with their rules and missions trying to recruit hackers who by definition want to defy authorities.
George said the NSA is an environment where the hacker mind-set fits with “a critical mass of people that are just like them.”
But what about culture rifts?
“When I walk down the hall there are people that I see every day and I never know what color their hair’s going to be,” George said. “And it’s a bonus if they’re wearing shoes. We’ve been in some sense a collection of geeks for a long, long time.”
The agency has long been known for its brilliant, but sometimes eccentric, mathematicians and linguists.
Jeff Moss, a hacker known as Dark Tangent, knows something about bridging the two worlds. He founded Defcon and the companion Black Hat conference for security professionals and is now a member of the Department of Homeland Security’s Advisory Council, which advises the government on cybersecurity.
“They need people with the hacker skill set, hacker mind-set. It’s not like you go to a hacker university and get blessed with a badge that says you’re a hacker. It’s a self-appointed label — you think like one or you don’t,” Moss told Reuters.

-News Source (Washington Post)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BackTrack 5 R3 Released & Available To Download

Posted by Avik Sarkar On 8/14/2012 02:44:00 am

BackTrack 5 R3 Released & Available To Download!!

In our last post about BackTrack we mention the release date of long awaited BT 5 Release 3. So finally the countdown is over. The time has come to refresh our security tool arsenal – BackTrack 5 R3 has been released world wide. First BT5 R3 preview was released  in BlackHat 2012 Las Vegas for the enjoyment of conference attendees. The main aim of that pre-release was to figure out their last bug reports and tool suggestions from the BH / Defcon crowds. This final release mainly focuses on bug-fixes as well as the addition of over 60 new tool. A whole new tool category was populated – “Physical Exploitation”, which now includes tools such as the Arduino IDE and libraries, as well as the Kautilya Teensy payload collection.
As usual KDE and GNOME, 32/64 bit ISOs, have been released a single VMware Image (Gnome, 32 bit). 
We would also like to give to reminder that the first release candidate (R1) of BackTrack 5 was released in August last year. Later in March this year we got the second release candidate (R2) of BT 5. 
For those requiring other VM flavors of BackTrack If you want to build your own VMWare image then instructions can be found in the BackTrack Wiki. Direct ISO downloads will be available once all our HTTP mirrors have synched. But still you can download BackTrack 5 R3 via torrent from the below links. 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Apple Hired Kristen Paget, Renowned Hacker & Former Security Expert of Microsoft

Posted by Avik Sarkar On 12/11/2012 05:53:00 pm

Apple Hired Kristen PagetRenowned Hacker & Former Security Expert of Microsoft 

 To become  the very best along with that to maintain and hold your position, you need to deliver your hundred percent even some times more than hundred percent, and this race continues. For that we have to gather the very best guy with as. The above fact took place again, when Apple hired a renowned computer security researcher who helped Microsoft to rid Windows Vista from glaring exploits. I think, you already started guessing, let me tell you that yes you are absolutely right. Kristen Paget formerly known as Chris Paget who was part of an elite team of security experts of Microsoft has now been hired by Apple to lend her expertise to securing the company's operating systems. Apple, slowly, has been trying to make inroads into the security community. This summer, an Apple engineer spoke at the Black Hat security conference for the first time. So it is a bit predictable that why Apple is looking for security experts. Paget's exact charge at Apple is still somewhat of a mystery, with company representatives declining to comment on the specifics of what she'll be working on. After leaving Microsoft and prior to her move to 1 Infinite Loop, Paget was employed by security firm Recursion Ventures. According to sources, this past July, she'd departed stating that she wished to focus on developing security-related hardware.  
According to a report by Wired - Paget’s work at Microsoft had been similarly secretive. She’d been forbidden from speaking about it for five years after her work there ended.
But in 2011, the NDA expired, and she spilled the beans on her Vista hacking at the Black Hat Las Vegas conference. In short: Microsoft’s security team had expected Vista to be pretty clean when Paget got her hands on it, but they were wrong.
“We prevented a lot of bugs from shipping on Vista,” Paget said, according to a recording of her talk. “I’m proud of the number of bugs we found and helped get fixed.” Paget and company’s bug-hunt was so successful, in fact, that it forced Microsoft to push back Vista’s ship date. When the work was done, the hackers received special T-shirts, signed by Microsoft Vice President of Windows Development Brian Valentine. They read: “I delayed Windows Vista.” 
Until this past summer, Paget had been chief hacker at Recursion Ventures, a company that specializes in hardware security. When she left in July, she said she was looking for a break from bug-finding, hoping to find a job that involved building “security-focused hardware.”
“I’ve done too much breaking of things, it’s time to create for a change,” she said on Twitter. She was hired in September as a core operating system security researcher at Apple, according to her Linkedin Profile. 
Paget made headlines in 2010 when she built her own cellphone-intercepting base station at the Defcon hacker conference. Back then, Paget was known as Chris. She switched genders last year.

While talking about hiring geniuses by giant firms, we would like to remind you that very recently Apple has hired search guru Bill Stasior to oversee Apple's Siri voice-activated personal assistant. Along with this, few months ago social networking giant Twitter had appointed famous whitehat hacker Charlie Miller, to boost up its security.  Also in late 2011 Nicholas Allegra, the world-famous hacker known as "Comex", creator of JailbreakMe.com comes was also hired by Apple.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BackTrack 5 R3 (Penetration Testing Distribution) Will be Available on August 13th, 2012

Posted by Avik Sarkar On 7/26/2012 04:15:00 pm

BackTrack 5 R3 (Penetration Testing Distribution) Will be Available on August 13th, 2012

Earlier we have discussed several times about BackTrack. After the huge success BackTrack 5 R2, now the world's most popular and widely used penetration testing distribution BackTrack is set to release its third release candidate (R3) of BT 5. According to the official release The BackTrack Development team will be releasing an R3 revision of their Penetration Testing distribution in 2 weeks. This release focuses on bugfixes and over 50 new tool additions – making it the most potent revision yet. Though the BT5 R3 preview has already been released in BlackHat 2012 Las Vegas for the enjoyment of conference attendees, which can be found in their delegate bags.  The DVD contains a BT5 R3 Gnome, 32 bit edition – burnt as an ISO (as opposed to an image). The BackTrack Development team will be taking in their last bug reports and tool suggestions from the BH / Defcon crowds for the upcoming official release, which will be on August 13th, 2012We would also like to give to reminder that the first release candidate (R1) of BackTrack 5 was released in August last year. Current BT5 users can simply upgrade to the latest release using the regular update commands. More details will be released along with the full listing of new tools on the 13th of August. 







SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BackTrack 5 R1 Will be Available on 10th of August,2011

Posted by Avik Sarkar On 7/21/2011 07:00:00 pm

 
After the huge success of BT 5 now Famous Security Distribution Back Track Linux will decide to release BackTrack 5 R1 on the 10th of August,2011. This will complete the first 3 month cycle since the last release. With over 100 bug fixes, numerous package updates and the addition of over 30 new tools and scripts – BackTrack 5 R1 will rock. We will have a pre-release event of BackTrack 5 R1 at the BlackHat  / Defcon Conference  a few days earlier. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search