nullcon Goa 2017 - E Hacking News coverage


Nullcon Goa which took place between 3rd and 4th march has successfully brought together Hackers, CXOs, Security researchers, other persons who are interested in Information Security to share their research and discuss critical issues faced in the field.

nullcon Goa 2017 Highlights:

Day 1:

"Increasing your impact on Facebook Bug Bounty" by Jack Whitton explained in detail some of the statistics of their Bug Bounty Program. They also explained the difference between a good bug report and a bad one.Also what does not constitute as a bug.They also pointed out areas of facebook that need more testing.

In his talk about Nearly generic fuzzing of XML-based formats Nicolas Gregoire talked on his new XML fuzzer and how it is works. He also talked about how it was used to find vulnerabilities in Firefox , Adobe and many other popular tools. He also briefly talked about the next levels of testing he is gonna do on SVG. You can follow him here:

Drone Hijacking and other IoT hacking with GNU Radio and SDR by Arthur Garipov was very informative as he explained from the basics and showed the talk attendees on how to get stated with your own SDR setup for hacking. He also demonstrated hacking of a wireless mouse and drone by using a SDR.

Barbarians at the Gate(way) by Dave Lewis he talked about the latest happenings on the Internet and mainly focused on DDOS attack trends over the past year.

Christopher Truncer released 3.0 version of Veil Framework at nullcon- a tool designed to generate metasploit payloads that bypass common anti-virus solutions.

Daniel Bohannon showed how to do obfuscation in Powershell commands and how to detect them.





Day 2:
The keynote by Karsten Nohl titled "When enough is enough: The limits of desirable security." was very intresting to listen to. He talked about the mistakes that the security community is doing and if we are all concentrated on the wrong things when some basic issues have not yet been fixed.

In the talk on "Case study of SS7/Sigtran assessment" Akib Sayyed talked about how his team tested the SS7 networks and the vulnerabilities that were found. He also released a tool called "safeseven" that can be used to test SS7 networks.

Timur Yunusov gave a talk on ATM Security and different logical attacks that can be done against them. He explained how to bypass kiosk screens,boot into safemode's,use hardware attacks and much more.

Ajin Abraham talked on his latest project "Injecting Security into Web apps with Runtime Patching and Context Learning" .He talked about a new concept called RASP and explained its difference from a WAF.He also gave a live demo of the RASP he developed and how it blockes XSS,SQLI and RCE. He also talked about future ideas that he is going to implement to his tool.

Snippets from nullcon:

    * "Cyber security in India is growing rapidly." Josh Armour, Security Program Manager at Google says. "We are happy to be present at the nullcon conference"
   
    * Asif Baig, a Bug hunter who found security bugs in major companies and have been listed in many Hall of fames.
   
    * Yogendra Jaiswal, DIMT Raipur student, in interview with EHN told that he found Cross Site Scripting vulnerability in Linkedin and have participated in Bugcrowd's private hunt. He also said he found 2-Step authentication bypass in wordpress.com
   
    * Sushmil, from tesseract - a startup company, said they are developing a "Cyber Threat Intelligence" product that gathers information from multiple sources and helps client to prevent cyber attacks.
   
    * Vishwaraj Bhattari said he found bugs in top companies including Google, Facebook, twitter.


Presentation Slides:

 

nullcon Information Security Conference 8Bit, Goa 2017




nullcon‍ was founded in 2010 with the idea of providing an integrated platform for exchanging information on the latest attack vectors, zero day vulnerabilities and unknown threats. Our motto - "The neXt security thing!" drives the objective of the conference i.e. to discuss and showcase the future of information security and the next-generation of offensive and defensive security technology. The idea started as a gathering for researchers and organizations to brainstorm and demonstrate why the current technology is not sufficient and what should be the focus for the coming years pertaining to information security. In addition to security, one of the section of the conference called Desi Jugaad (Hindi for "Local Hack") is dedicated to hacking where we invite researchers who come up with innovative security/tech/non-tech solutions for solving real life challenges or taking up new initiatives.

The nullcon conference is a unique platform for security companies/evangelists to showcase their research and technology. Nullcon hosts Prototype, Exhibition, Trainings, Free Workshops, null Job Fair at the conference. It is an integrated and structured platform, which caters to the needs of IT Security industry at large in a comprehensive way.

The event consists of 25 speeches and 11 training sessions, which cover all major topics of IT security industry. The conference is created for security companies/enthusiasts so they can showcase the most up to date research and technology on the topic. The shared knowledge is usually used afterwords within the organizations. Moreover, we host ExhibitionFree WorkshopsCTF Hacking competitionsJob FairBlackShield Awards and other events at the conference.

The Keynote will be addressed by Joshua Pennell, Founder & President, IOActive, following which we would have talks by various international security researchers on topics such as, ATM Hackings, Drone Hijacking, Telecom Protocol Security, Blockchain issues, Cloud Security, Bug Hunting, Social Engineering, Botnets and lots more.

With nullcon 8-bit edition we have made a lot of changes bringing the conference to the next level:
  • We anticipate to have 1000 people,
  • Additional DevOps Security Track,
  • New Trainings on Cloud Security, IoT, Infrastructure, Hardware Security,
  • New CXO Panel session,
  • Larger exhibition vendor area etc.

Nullcon Goa 2017 Dates:
  • Training - 28th Feb to 2nd March 2017
  • Conference - 3rd to 4th March 2017

New Venue:
Holiday Inn Resort, Mobor Beach, Cavelossim, Salcette, Goa - India.
Registartion is still open! Get your pass here: http://nullcon.net/website/register-goa.php

We are happy to announce that we are giving 10% discount for a conference pass if you are E Hacking News Reader! Don’t miss your chance to visit the leading Asia's Information Security Conference!

Visit our website for more information: http://nullcon.net/website/
We are looking forward to seeing you at the conference!


XOR Conference 2015


XOR Conference 2015, an International Security conference was held from 17th Oct. to 18th  Oct in Kochi, was sponsored by  Cyber security and Privacy Foundation(CSPF).

The event started with the two training sessions. One was on Web App Security and Exploitation by Ajin Abraham, Francis Alexander, and another one on  Hardware\IOT security and Exploitation by Yashin Mehaboobe. Both the training session aimed at educating the attendees about the possible threats and how to deal with them.

The next day is followed by numerous talks and discussion session by various security researchers.

Santhosh Kumar, a Security researcher tabled a talk on the topic “Windows Management Instrumentation – A Frontdoor For Malwares!”. It was an  introduction to WMI and demonstrate the various ways that WMI can be used as an attacker’s swiss army knife, how malware authors are using this to leverage their exploits, how the present day tools can be used and how to protect against these type of attacks.

Arjun T.Unnikrishnan, an Undergraduate from Amritha University talked on Radare2, which provides a framework to effectively perform binary tasks with least amount of busy work.

Kunal Relan, a Security Researcher from  Aarvee Idealabs discussed on Pentest Ninja,  an extension for Firefox Desktop Browse,  which is a semi-automated SQLi injection Takeover Tool. It turns on like a sidebar and can test web applications on the go with live view.

Rahul Sasi, Founder & CTO  of CloudSek, talked on anonymous topics, whereas security researcher from Citrix Systems, Riyaz Walikar, talked about various methods of obtaining administrator privileges in a Windows environment, and another researcher Rakesh Paruchuri presented his presentation on Return Oriented Programming.

Abhinav Mishra, a Senior Security Consultant in To The New Digital, presented his paper which deals with the security mechanism that some of the newest online retailers apply, the technology they rely upon and obviously the ways to hack all this. This research paper focus on understanding the whole online payment process and the vulnerabilities associated with them.

Anto Joseph, a Security Engineer in  Citrix R&D, focused on various attacks/attack vectors and how to exploit vulnerabilities in Android based devices.

DEFCON Kerala 2014: Call For Papers is Open Now


DEFCON Kerala (DC0497) is a DEFCON USA Registered group for promoting information Security Research. We arrange up an environment of Hackers, Developers, Security Analysts, Security Enthusiasts, and the Corporate Security Stake holders before you.

Defcon Kerala is a platform for Security Researchers, both professionals and students to present their technical research papers and their creativity related to “Computer Security”. Defcon Kerala will be a stepping stone for professionals, beginners, and students by providing a starting point to advance their knowledge and skillsets.

Topic of Interest
  • New Security Tools
  • New Exploits Vulnerabilities and Zero Days
  • Cyber Forensics
  • Lock Picking & Physical Security exploitation
  • Web Application & Network Security
  • Antivirus/IDS/Firewall/filter evasion techniques
  • Social Engineering
  • Browser Exploitation
  • Mobile Application Security and Exploitation
  • Wireless Security
  • Denial of Service Attacks
  • Hardware Hacking/ SCADA Hacking
  • Honeypots
  • Encryption and Cryptography 
  • Fuzzing and Exploitation 
  • Open Source Security 
  • Anonymity in Internet
  • Carding and Black Market Analysis

NOTE: These are just some sample topics. You can send any topics related to Information Security.

Submission Format
Send your papers to cfp@defconkerala.com

Follow the format given below:
Name:
Designation:
Mobile:
Twitter Handle:
Brief Biography:
Paper Title:
Paper Abstract:
Publishing any Tools/Vulnerabilities/Zero Days (YES/NO, If Yes Specify the details):
Any Additional Requirements:
Attach a face photo shot to be published in the website.

IMPORTANT
Presentation Time: 30 mins

Speaker Benefits
  • Complimentary Pass to the Event
  • Certificate of Speaking
  • Food Coupons

Important Dates
CFP is open: 25th December 2013
CFP Submission Deadline: 10th February 2014
Complete set of Speakers will be published: 20th February 2014
Defcon Kerala Meet 2014 Scheduled on: 8th March 2014

Frequently visit our website for notifications and changes.
Stay tuned to www.defconkerala.com

CyberTech 2014, International exhibition & conference for Cyber solutions


CyberTech 2014 (cybertechisrael.com) is one of the best International Cyber security conference going to happen in Israel which is Inaugurated by Israeli Prime Minister, Mr.Benjamin Netanyahu.

Leading multi-national companies, over a hundred start-ups, private and corporate investors, experts and many more are going to participate in this event.

The keynote speakers of the event are leading cyber security experts including Chairman and CEO of Kaspersky lab 'Eugene Kaspersky', Head of the Israeli National Cyber Bureau 'Dr.Eviatar Matania',  Senior Vice President of Cisco Systems 'Bryan Palma'.

Cyber Security Privacy Foundation(CSPF) is interested to take a delegation of corporate/companies to Israel.

Indian companies who would like to tie up with Israeli hi-tech cyber start-ups can contact CSPF.  If you need any assistance in getting VISA to Israel for the conference, you can also contact CSPF.

Contact Details of CSPF: Founder@CySecurity.org



DefCamp 2013 : International hacking and information security conference in Romania

 

Between 29-30th of November, Crystal Palace Ballroom, Bucharest is hosting the fourth edition of one of the most hypnotizing events on hacking & INFOSEC in Romania and South-Eastern Europe - DefCamp. The list of special guests contains big names, such as Raoul Chiesa, founder and president of The Security Brokers and Carsten Eiram, Chief Research Officer at Risk Base Security.

The conference that will take place this fall will engage participants in discussions about how to travel for free with Bucharest Public Transit (RATB and Metrorex), hijacking control of your car, hacker profiling, 0days, PRISM, mobile security problems, DDOS, networking, P2P networks, D&D APT’s, social engineering, camera surveillance, metasploit, header analysis, application security research, NSA, Snowden, privacy concerns, credit cards, Romanian Internet scanning, networking, P2P networks, SSL ripper lock picking, copyrights, Romanian laws, secure system administration with key industry specialists from Romania and abroad holding presentations.
 
The conference will also include a series of hands-on activities such as DCTF (DefCamp Capture the Flag), App2Own, Hack The Machine and Spot The Cop, rewarded with prizes.

Keynote presentations will be held by our special guests:
  •  Raoul "Nobody" Chiesa, president of The Security Brokers
  •  Carsten Eiram, Chief Research Officer at Risk Base Security.
  • The awesomeness is powered up by:
  •   Kizz MyAnthia, Senior Penetration Tester – Shadowlabs at HP Enterprise Security
  •  Nathan LaFollette “httphacker”, Senior Security Consultant – Shadowlabs at HP Fortify
  •  Nir Valtman, R&D Chief Security Officer at Retalix
  •  Robert Knapp, Co-Founder & CEO CyberGhost SRL
  •  Milan Gabor, CEO at Viris
  •  Adrian Furtuna, Security Consultant at KPMG Romania
  •  Bogdan Alecu, System Administrator at Levi9 and one of DefCamp's traditional speakers
  •  Alex Negrea, Co-founder at docTrackr.com
  •  Andrei Costin, PhD student with EURECOM & Co-Founder/Lead-Researcher at Firmware.RE
  •  Ionut Popescu, Security Consultant at KPMG
  •  Dan Catalin Vasile, Board Member of OWASP Romania
  •  Brindusa Stefan Cristian, Lead-Developer at RogentOS GNU/Linux
  •  Radu Stanescu, IT Security Consultant & Trainer Sandline
  •  Bogdan Manolea, legi-internet.ro
  •  Bogdan-Ioan Şuta, Independent Security Researcher.

“We have awaited the 48 hours of DefCamp 2013 since the closing moment of the last edition. It is hypnotizing to exchange ideas, to compete, to expand your knowledge and to meet people who you know only from the virtual world. I wish I could also participate to fully enjoy these moments!", said Andrei Avădănei, founder and coordinator of the Defcamp conference in a press release.

DefCamp managed, in just 4 editions, to be the most awaited conference in the entire information security and hacking scene in Eastern Europe. It's the perfect time to join and feel the vibes.

For more details you can access our website or contact us directly at contact@defcamp.ro.  Don't forget to sign up! European students pay only 50% of the ticket!

Ground Zero Summit 2013 - Asia’s largest Information Security Summit Kicks off in New Delhi

New Delhi, November 07, 2013: In an attempt to generate information security awareness and combat sophisticated threats that the country is facing in cyber security domain, the “Information Security Consortium” - an independent apex body and an outcome of an alliance between industry and Government of India kicked off Ground Zero Summit 2013 at Hotel Ashok, New Delhi today.


The inauguration speech by given by Dr. Rajagopala Chidambaram, Principal Scientific Advisor to Govt. of India, the special address was made by Mr. Pratyush Kumar, Chairman – National Council on Cyber Security, ASSOCHAM. Special Keynote was given by Dr. S.K. Nanda, Additional Chief Secretary, Home, Government of Gujarat and Dr. Gulshan Rai, National Cyber Security Coordinator - Director General, CERT-In, Government of India and Mr. Muktesh Chander, IPS, Joint CP, Delhi Police. Shantanu Ghosh, VP and MD – India Product Operations, Symantec Corporation addressed an executive keynote on Cyber readiness challenges. Special note was given by Chief Guest H.E. Shekhar Dutt, Governor of Chhattisgarh.

Day 2 will witness Keynote by Dr. Nirmalijeet Singh Kalsi, IAS, Joint Secretary (Police) – II, Ministry of Home Affairs, Government of India; Capt. P Raghu Raman, CEO, NATGRID and John McAfee, Original founder, McAfee.

The two day conference will take a holistic view of the Information Security landscape in Asia and will examine various issues related to it. It also focuses on the Information Security challenges emerging on the horizon and looks at finding ways in which enterprises, service providers and government can overcome challenges. The vision of the Summit is to guide the development of next generation cyber security policies and technology, to bring about changes in the current process, involve all affected industries and form the largest PPP in this domain.


Ground Zero Summit is a result of collaboration between different security conferences in the country that have joined hands to create a massive platform for cyber security research, technology showcase and policy creation and amendments. Ground Zero Summit in its debut year has emerged as the largest collaborative platform in Asia for this. It has proved to be Asia’s largest Information Security gathering for industry experts converging private and government players, to bring across issues in information/cyber security space, which is being presented, debated and deliberated over four days - two days of technical conference, followed by two days of hands-on technical workshops on information security. G0S will be a triple track conference with papers, demos and presentations focusing on the key areas concerning Information Security.

Some of the key focus areas at the event were:

  •  Cyber readiness challenges
  • Cloud Security: Enabling continuous, scalable security for today’s hyper connected world
  •  Exploring accuracy and correctness of modern network defence products
  •  Towards a next generation secure Internet
  • Evolution of network security around Software Defined Networking (SDN) – The intelligent network
  •  Internet – Transforming terrorism
  •  Surveillance, privacy and cyber espionage, in the aftermath of PRISM

The summit is a result of an industry - government alliance in this domain, and a collaborative effort between the four major cyber security conferences in the region viz. ClubHack, c0c0n, Malcon, nullcon and InfoSec research firm INNEFU. The summit will be executed by UBM India Pvt Ltd, a leading player in the live media space and the largest trade exhibition organizer in India responsible for over 20 large scale exhibitions.

Grab Your tickets Now! Defcon Bangalore Information Security Meet 2013


We invite you to the Defcon Bangalore 2013 Meet.  Defcon Bangalore is information security meet that you should not miss- The place where top Indian security researchers gather to share their knowledge.

The meet is going to be organized on coming Saturday, August 17th 2013 - The day that will give a chance for you to meet the WhiteHat hackers.

The reason why we mentioned this meet shouldn't be missed is that there are hackers from Brazil going to give a talk on "SCADA Exploitation".

Final list of Speakers:
  • Himanshu Sharma – Planning to rob someone? Here is an easier way
  • Ajin Abraham – Pwning with XSS reverse Shell
  • Dr. Daniel Singh – Tracing the Ghosts of Cyber World
  • Manas Prathim Sharma – IUTM
  • Francis Alexander – Abusing LFI-RFI with a twist
  • Aditya Gupta and Subho Halder – Droid Exploitation
Don't Miss the Training sessions.  Security researchers are going to give a training on several interesting topics on Information Security.

Training Track Sessions By
  • Aditya Gupta and Subho Halder on Droid Exploitation
  •  Bitcoins – Suriya Prakash
  • Deep Web – The TOR network – Nikhil P Kulkarni
  • Sabari Selvan on Exploit code writing
  • Hacking Hardwares with Raspberry Pi – Yashin Mehboobe
Book your tickets at:  http://www.meraevents.com/event/defcon-bangalore

You can find more details at http://defcon.cysecurity.org/

    DEFCON Bangalore 2013 - Call For Papers


    E Hacking News is glad to announce the Defcon Bangalore 2013 -  The place where the top Indian Security researchers present their research on Information Security.

    Defcon Bangalore is a part of Defcon Community Groups with a registered ID- DC9180. The team is supported by Cyber Security and Privacy Foundation, and provides a platform for talents in the Indian hacking community to showcase their research to a wider audience.The core team of defcon bangalore comprises of Mr. Karthik, Mr. HariKrishnan and Mr. J Prasanna( Founder, Cyber Security & Privacy foundation)

    Submit Your research papers:

    The call for paper has been opened.  Security researchers are invited to submit their research paper. Submit your papers at defconbangalore@cysecurity.org. The call for paper will close on 25th July 2013.


    Training:
    This year 2013, the DEFCON Bangalore team has initiated free training sessions for the attendees as a part of the meet! The charges incurred by the attendees are under 20 USD per head, this is collected in order to pay for the space occupancy at a 5 star Botique Hotel for the entire day - including snacks, high tea and Lunch. Apart from this no other charges are collected from the attendees.

    Hacker can control aircraft system with Android Smartphone


    A Security Researcher Hugo Teso at Hack In The Box security conference has demonstrated that it is possible for a hacker to take control of aircraft system with an android smartphone.

    By hijacking a protocol used to send data to commercial aircraft and exploiting bugs in flight management software, a hacker can send radio signals to planes that would cause them to execute arbitrary commands such as changes in direction, altitude, speed, and the pilots’ displays.

    "Teso demonstrated an Android application he built that allowed him to redirect a virtual plane with just a tap on a map application running on his Samsung Galaxy phone." Forbes report reads.

    Teso told Forbes that he was able to use the exploit "to modify approximately everything related to the navigation of the plane that includes a lot of nasty things"

    Teso notified Federal Aviation Administration and the European Aviation Safety Administration and they are working with the affected aerospace companies to fix the vulnerability.

    The presentation can be found here : Aircraft hacking[PDF].

    Defcon Kerala Information Security Meet 2013


    The Security Conference that you shouldn't miss - Defcon Kerala is a platform for Security enthusiasts to present their technical research papers and show case their skills.

    Defcon Kerala will be a stepping stone for young professionals, beginners and students by providing a starting point to advance their knowledge and skill sets.

    First Round Speakers for Defcon Kerala:
    • Nikhalesh Singh Bhadroia - Android Forensics
    • Oltjano - Break sqlmap into pieces
    • Archith KP - Expendables of Phishing
    • Francis Alexander - Real World Techniques & Firewall Evasion In SQLi
    • Lavakumar - IronWasp
    • Jayesh Singh Chauhan - Skanda - Cross Site Port Attacker
    • Saravanan I- Pwning the AIR
    • Muhammed Sherif - SOCIAL ENGINEERING – Art of human brain manipulation

    We invite all the information security enthusiasts, hackers, coders, programmers, security & network professionals, web developers, students, academic practitioners, government, police, business & corporate and all of those who care about ‘Information Security’ to Defcon Kerala Information Security Meet. We invite you to attend the talks of Speakers and to expand your Network.

    Who Should Attend the Meet?
    • Auditors
    • Application Developers
    • Application Testers
    • Chief Information Security Officers
    • Chief Technology Officers
    • Compliance Security Managers
    • Cyber Law Practitioners
    • Ethical Hackers
    • Information Security Researchers
    • Information Security Enthusiasts
    • Government Authorities related to Cyber Security
    • Software Engineers & Programmers
    • Security & Network Professionals
    • The curious Student community
    • And all those who cares about Security.

    Registration

    Entry Pass: Rs 1000/- Including networking, CTF Entry, Tea, Snacks, and Certificate of Attendance.

    Student Pass: Rs 700/- (After 30% Discount on Entry Pass with the discount code “STUDENT_DEFCONK13″ Including all the benefits of Entry Pass.

    DEFKTHON CTF

    DEFKTHON CTF, the Trademark CTF of Defcon Kerala. We invite all the war lords to the battlefield. Get ready with Backtrack, Exploits, Hack suites and everything you got. Be there, Exploit hard and 0wn DEFKTHON.

    Log on to: www.defconkerala.org

    An Interview with Antriksh.D.Shah (one of the key person behind NULLCON 2013)


    Recently we witnessed the glory of NULLCON unfold, it is said to be India’s largest security conference. As this was happening in Goa, my friend Nikhil.P.Kulkarni @nikchillz caught up with one of the guy behind NULLCON, it was none other than Antriksh.D.Shah and when asked about NULLCON, this is what he happened to say.

    EHN: Hello Antriksh, happy to see NULLCON 2013 starting off with a bang here in Goa.

    Antriksh: Yeah, its really good to see that more number of people have registered this year than the previous years, and moreover we’re happy that this happened with just the word that spread from mouth to mouth.

    EHN: So, what new do you see this time that you guys never saw in the previous years.

    Antriksh: Well, this time we were really happy to see that more number of students are registering themselves than the corporates. That’s what makes us feel proud. And the best part is we’re going to be witnessing the presence of CM Of Goa Mr. Manohar Parrikar.

    EHN: Oh cool, I just happened to see the List of Talks at NULLCON 2013, and I was amazed to see more number of youngsters speaking at the conference this time. So what do you have to say about this..?

    Antriksh: Yeah, its really happy to know that the young blood here in India are doing such great researches and NULLCON is proudly giving them a platform to showcase their research and we encourage them in all possible ways.

    EHN: Oh great to hear that, and what do you have to say about the venue. Any particular reason for choosing Goa.

    Antriksh: Well the main reason that we chose Goa was this is the place where people come, relax, enjoy the beach. And when people come down here to Goa, they forget all their worries and just chill out. So that’s the reason we came up with this venue.

    EHN: And here’s my last question, NULLCON is also famous for its evening parties, and last year we all saw the Belly Dancing happening. And what’s in store for this year’s NULLCON Networking Party.

    Antriksh: Well, this year we have planned for a trip to Casino, and asusual the party is going to be a huge hit. And its gonna be unlimited fun this time.

    EHN: Thanks a lot for sharing your time with us Antriksh, our best wishes to NULLCON and to all people associated with NULLCON.

    Antriksh:
    Thanks buddy…:D

    nullcon International Security Conference, Goa ~ 27th Feb - 2nd March, 2013



    INTRODUCTION

    “Nullcon’s 5th International Security Conference”, on 27th Feb - 2 March 2013 @ Bogmallo Beach Resort, Goa (http://nullcon.net)

    Nullcon security conference is well known for its speakers and talks where new vulnerabilities , risks and attacks on systems are responsibly disclosed along with their prevention mechanisms.

    The conference ensures of a great learning experience and networking.The conference is attended by the whos who in the security industry and includes various events targeted at different kind of audience from techies to business executives:

    Keynote Talks

    1. Richard Thieme - Staring into the Abyss

    2. Janardhana Swamy (M.P. Karnataka - Lok Sabha) - Security & Politics

    Talks @nullcon Goa '13

    •  SamuraiSTFU - Smartgrid Testing Framework for Utilities by Justin Searle
    • Vulnerability elimination by force of a new device platform by Yury Chemerkin
    • Hardware Backdooring is Practical by Jonathan Brossard
    •  BYOD - How will it shape your wireless network security infrastructure by Kiran Deshpande
    • SMS to meterpreter: Fuzzing USB modems by Rahul Sasi
    • HTML 5 –Attack and Defense by Ksenia Dmitrieva
    •  Mozilla Bug Bounty Program - Crowd Sourcing Vulnerability Research by Raymond Forbes
    • Mobile Code, Mining For Discovery & Exploits by Hemil Shah

    Trainings @nullcon Goa '13


    1. Penetration Testing SmartGrid & SCADA by Justin Searle *New

    2. Xtreme Android Hacking by Aseem Jakhar *New

    3. Reverse Engineering and Malware Analysis by Abhishek Datta

    4. Xtreme Exploitation by Omair

    5. Mobile Application Hacking:- Attack & Defense by Hemil Shah

    6. Xtreme Web Hacking by Akash Mahajan & Riyaz Walikar

    7. Cyber Warfare Intelligence and Intrusion Operations by Atul Agarwal *New

    Why Shoud You Attend ?

    • Expert Sharing Knowledge Platform
    • Secure your organization
    • Showcase your company
    • Recruit & get Hired
    • Networking & built long term relations
    • Niche Community Members

    Job Fair


    nullcon is excited to host a special job fair organized for security professionalsand organizations. Nullcon job fair gives you open access to meet the heads of various security organizations, understand their requirements and offer them your competencies in return. It is an excellent opportunity for organizations to hire the best talent in information security industry and for security professionals to find better job prospects.
    nullcon job fair is a platform where prospective employer and employee can meet and interact with each other in an open environment.

    Registration


    Budget constraints, participants can also opt for Economy Pass (Without Lunch) @INR4999

    Attractive Group Discounts Available contact register@nullcon.net

    Silver Sponsor : Microsoft | Praxeva
    Associate Sponsor : Adobe Systems | Innobuzz | iSight Partners
    Cocktail Sponsor: SANS

    Exhibitors: Dognaedis | AirTight Networks | Wegilant | eSecForte | Insitute of Information Security | Rapid 7

    Community Partner: Garage4Hacker | Hack In Paris | Radio Schizoid | MatesLab
















    Registration open for OWASP AppSec APAC 2013

    Registration is open for the OWASP AppSec APAC 2013 conference taking place in South Korea at the Hyatt Regency Jeju.

    The event will be composed of 2 days of training (February 19-20), followed by 2 days of conference talks (February 21-22).

    The Global AppSec APAC 2013 Conference will be a reunion of Information Security Asia-Pacific leaders, and will present cutting-edge ideas. OWASP events attract a worldwide audience interested in “what’s next”.

    The Day1(Feb 21) Conference Talks will include "What your CISO has not told you - Outbound security of cloud and enterprise web services", "Abusing, Exploiting and Pwning with Firefox Add-ons", HTML5, The Droid Exploitation Saga, Web Security - New Browser Security Technologies, Dissecting Smart Meters, Hacking Authentication Checks in Web Applications , Open Source Metasploit - The Elixir of Network Security.

    The Day2(Feb 22) Conference talks will include "Putting Security within the SDLC via Application Threat Modeling", Securing data with a Data Encryption Infrastructure, Security Challenges of Hybrid Mobile Applications,Design Secure Web Applications, Growing sophistication of DDoS attacks, "Missile of Cyber-terrorism, the reality of APT and Countermeasures", A Call for Drastic Action: A Survey of Web Application Firewalls, PenTesting WebApps with Python, Using the Wisdom of the Crowd to Enhance Application Security.

    The conference is also offering following IT Security Training courses:
    • Advanced Android and iOS Hands-on Exploitation Course (2 day class)
    • HACKED - The OWASP Top 10 (2 day class)
    •  CISO training: Managing Web & Application Security for Senior Managers (1 day class)
    • HTML 5 (1 day class)
    •  Approaching Secure Code – Where do I start? (1/2 day Developer class)

    Please visit the website for more information on how to register for the event. Register NOW!

    Defcon Kerala 2013 - Call for papers


    Defcon Kerala (DC0497) is a Defcon USA Registered group for promoting and demonstrating research and development in the field of Information Security. We are a group of Information Security Enthusiasts. Defcon Kerala is a platform for students, professionals, geeks, and nerds to present there technical research papers and show case their skills. Speakers are invited to present papers on various information security related research topics before the delegates and interact them.

    Some Topics of Interest:

    Disclosure of new Hacking Tools

    New Vulnerabilities and Zero Day Exploits

    Cyber Forensics

    Lock picking & physical security exploitation

    Web Application & Network Security

    Antivirus/IDS/Firewall/filter evasion techniques

    Social Engineering

    Metasploit Framework

    Web Browser Exploitation

    Mobile Application Security and Exploitation

    Wireless Security

    Denial of Service Attacks

    Hardware Hacking/ SCADA Hacking

    Honeypots

    Fuzzing Techniques

    Open Source Security

    Cyber Laws, Cyber warfare, Cyber Ethics

    Anonymity in Internet

    Carding and Black Market Analysis

    NOTE: These are just some sample topics. You can send any topics related to Information Security.

    Paper Submission Details

    Please send your papers to this email


    Follow the format given below:

    =========================================================

    Author Name:

    Mobile:

    Brief Biography:

    Paper Title:

    Paper Abstract:

    Paper Outline:

    Publishing/Disclosing any Tools/Vulnerabilities/Zero Days (YES/NO):

    Any Additional Requirements:

    =========================================================

    NOTE: Paper should be submitted in PDF, DOC, DOCX, or ODF Format. Presentation should not exceed 25mins. If your paper is selected then you will be notified soon and you should register for a Speaker Pass.

    Register

    Buy your speaker pass for Defcon Kerala 2013 Meet

    Please Register only after you get a notification by email that your paper is selected.

    Click here => REGISTER

    Important Dates

    Call For Papers is open: 13th January 2013

    Call For Paper submission Deadline: 1st April 2013

    Defcon Kerala Meet 2013 Scheduled on: 21st April 2013



    List of Ethical Hacker Conferences & computer security conferences

    Security and Hacker conferences

    The best way to learn new things and get into the InfoSec world is attending Security and Hacker Conferences.  You can meet lot of security Experts and Black Hat hackers.

    Here is a list of International IT Security and Hacker conferences with a short description about the conference.

    DEFCON Hacking Conference:

    DEF CON, one of the worlds largest and longest running hacking conferences, celebrates it's 20th year with an energetic and appropriately themed compilation, entitled "XX". Founder and head of the conference Jeff Moss, also known as Dark Tangent, tasked DEF CON "goon" and Muti Music artist Great Scott with curating the talent filled track selections; acknowledging that music can be pure hacker fuel.
    www.defcon.org

    *EHN is official media partner of DefCon India

    www.defcon.co.in

    Black Hat hacker conference::

    The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world - from the corporate and government sectors to academic and even underground researchers. The environment is strictly vendor-neutral and focused on the sharing of practical insights and timely, actionable knowledge. Black Hat remains the best and biggest event of its kind, unique in its ability to define tomorrow's information security landscape.

    https://www.blackhat.com/

    Nullcon :

    The nullcon conference is a unique platform for security companies/evangelists to showcase their research and technology. Nullcon hosts Prototype, Exhibition, Trainings, Free Workshops, null Job Fair at the conference. It is an integrated and structured platform which caters to the needs of IT Security industry at large in a comprehensive way.

    *E Hacking News(EHN) is official media partner of Nullcon

    http://www.nullcon.net/


    ClubHack:

    ClubHack is a NOT-FOR-PROFIT initiative to bring security awareness in common people who use computers and internet in their daily life. It’s a member driven open community to make cyber security a common sense. The phenomenal growth of the Internet economy has led to a sharp increase in computer crimes and hacking incidents. ClubHack aims at making technology users aware of the risks associated with cyber transactions as well as the security measures.


    *E Hacking News(EHN) is official media partner of ClubHack


    http://www.clubhack.com/

    C0C0N :

    c0c0n, previously known as Cyber Safe, is an annual event conducted as part of the International Information Security Day.

    c0c0n is aimed at providing a platform to discuss, showcase, educate, understand and spread awareness on the latest trends in information, cyber and hi-tech crimes. It also aims to provide a hand-shaking platform for various corporate, government organizations including the various investigation agencies, academia, research organizations and other industry leaders and players for better co-ordination in making the cyber world a better and safe place to be. It will also serve as a platform to devise strategies to prevent cyber crimes against women.

    http://is-ra.org/c0c0n/

    X.25 Ethical Hacking Conference :

    X.25 Ethical Hacking Conferences is performed every year in Mexico and one of the busiest in terms of computer security issues.

    *E Hacking News(EHN) is official media partner of ClubHack

    www.x25.org.mx

    Intelligence-Sec

    Intelligence-Sec is a fully integrated Conferences and Exhibitions Company managing and producing topical events for the security industry. All our global events are well researched and discussed with industry experts. Intelligence-Sec's main objective is to ensure that all attendees gain the best value for money when they participate in one of our events.

    http://www.intelligence-sec.com/


    Hackers Halted

    The Hacker Halted APAC event annually gathers around 500 individuals; this consists of everyone, from ethical hackers to key C-level executives from corporates, government bodies and solution seekers.

    The event is aimed at providing the opportunity to CEOs, COOs, CIOs, CFOs, Senior IT Professionals and all other decision makers to assess the best practices in acquiring, implementing, managing and measuring information security.

    http://hackerhaltedapac.org

    OWASP AppSec Conference

    OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security. This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific. Additionally, regional events are held in locations such as Brazil, China, India, Ireland, Israel, and Washington D.C. Presentations and videos are generally posted several months after each conference.

    ISWec

    Infosecurity World is an annual exhibition and conference dedicated to Asia Pacific information security marketplace. The event showcases latest innovation, products and services from established to emerging brands.

    http://infosecurityworld.net/


    ShmooCon

    ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. The first day is a single track of speed talks called One Track Mind. The next two days bring three tracks: Build It, Belay It and Bring It On.

    http://www.shmoocon.org/

    Hackinthebox:

    Asia’s largest network security conference held annually in Kuala Lumpur, Malaysia and more recently the Middle East.
    http://conference.hackinthebox.org

    NOTACON

    Not quite sure what hacker cons are really about? Do you like building and creating stuff? Are you tired of infosec focused conferences? Do you want to have fun while actively learning about cool stuff and meeting awesome people? NOTACON is the conference for you! No degree in computer science, nor job in IT is required to have a great time at Notacon. In fact, we believe some of the best hacks occur in areas outside of technology altogether.
    http://www.notacon.org/

    CONFidence


    CONFidence is an annual IT security conference that will take place on 23-24th May, 2012 in Krakow, Poland for the 10th time! The best speakers, latest issues, laid-back atmosphere and Krakow crazy night life – that is why CONFidence has become a meeting point of hackers’ community in Europe.

    http://confidence.org.pl/

    BruCON

    BruCON is an annual security and hacker(*) conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organized in Belgium, BruCON offers a high quality line up of speakers, security challenges and interesting workshops. BruCON is a conference by and for the security and hacker(*) community.

    brucon.org

    MalCon

    MALCON is a premier international technology security conference focusing exclusively on proactive malware research and analysis. MalCon is a part of Information Sharing and Analysis Center, in support with the Government of India.

    http://www.malcon.org/

    AthCon

    AthCon is an annual, European two-day conference targeting particular areas of information security. It’s aim: to bring leading information security experts together. Attacking techniques of exploitation and various forms of penetration testing have become an important component of any organisation. This conference aims to provide a venue for understanding the ever evolving changes as well as new threats.
    http://www.athcon.org/


    DerbyCon :

    This is the place where security professionals from all over the world come to hang out. DerbyCon 3.0 will be held September 25-29th, 2013. DerbyCon 2012 pulled in over 1,100 people with an amazing speaker lineup and a family-like feel. We’ve listened to your feedback and plan on making this conference even better. Our goal is to keep it around the same size and maintain a close-knit conference where we all come together to learn and share ideas
    http://www.derbycon.com/

    ekoparty

    Electronic Knock Out Party - Security Conference, is the annual computer security, for its unique features and its particular style, has become a benchmark for all of Latin America.
    http://www.ekoparty.org

    GrrCON

    GrrCON is an information security and hacking conference being held in the Midwest. This conference was put together to provide the Midwest regional information security community with a venue to come together and share ideas, information, solutions, forge relationships, and most importantly engage with like minded people in a fun atmosphere. Whether you are a Fortune 500 executive, security researcher, security industry professional, student, or a hacker of “flexible” morals you will find something for you at GrrCON.
    http://grrcon.org/

    T2 Infosec conference


    t2 was born at a time when there was a need for a conference that was “from hacker to hacker” when there was not one single independent, technically oriented, information security conference in Finland in existence.

    The mission of t2 has remained the same from its commencement, to be an annual conference dedicated to those who are interested in the technical aspects of information security. t2 offers the opportunity to publish new research and ideas as well as networking, the latter an elemental part of its ideology.

    http://t2.fi/

    DefCamp

    DefCamp is a national initiative dedicated to developing the skills of the young passionate by computer security, by creating a stimulating offline environment which allows offline and online exchange of knowledge between underground security specialists, academic and corporate entities in Romania. DefCamp is focusing on presenting technical information related to the security and insecurity of both virtual and real environment.

    The idea of DefCamp came out in March 2011, after some informal discussions between more computer security addicts from Romania, passionate about various INFOSEC topics

    http://defcamp.com

    Root CON
    ROOTCON is an annual Hacker Conference and Information Security gathering held in the Philippines and was founded by Dax Labrador a.k.a semprix.  The conferences aims to share best practices and technologies through talks by qualified speakers and demos of exciting stuff (hacks, tools, tips, disclosures, cyber warfare, cyber espionage, etc). ROOTCON is open to everyone and that previous participants have included InfoSec personnel, developers, programmers, engineers, hackers, businessmen, students, lawyers, feds, and the like.
    www.rootcon.org

    ACSAC(Annual Computer Security Applications Conference):

    ACSAC has a tradition of bringing together security professionals from academia, government and industry who are interested in applied security. It is an internationally recognized forum where practitioners, researchers, and developers in information system security meet to learn and to exchange practical ideas and experiences. Started in 1984, the conference has grown over the years to achieve worldwide attendance and recognition for the high quality of its presentations, discussions, and interactions.

    http://www.acsac.org


    Blue Hat Microsoft Hacker Conference:


    An event that is intended to open communication between Microsoft engineers and hackers is called Blue Hat Microsoft Hacker Conference. The event has led to both mutual understanding as well as the occasional confrontation.

    www.bluehatsecurity.com


    DeepSec

    The DeepSec IDSC is an annual European two-day in-depth conference on computer, network, and application security.

    https://deepsec.net/

    CarolinaCon

    CarolinaCon is an annual conference in North Carolina that is dedicated to sharing knowledge about technology, security and information rights. CarolinaCon also serves to enhance the local and international awareness of current technology related issues and developments. CarolinaCon also strives to mix in enough entertainment and side contests/challenges to make for a truly fun event.
    http://www.carolinacon.org/

    GreHack


    GreHack is a non profit Security Conference (during day) and an Ethical Hacking Contest - aka CTF - (during night).
    http://grehack.org/en/

    Hack.lu

    Hack.lu is an open convention/conference where people can discuss about computer security, privacy, information technology and its cultural/technical implication on society.

    http://hack.lu

    CanSecWest
    The world's most advanced conference focusing on applied digital security, is about bringing the industry luminaries together in a relaxed environment which promotes collaboration and social networking

    http://cansecwest.com/

    RSA Conference

    RSA Conference is helping drive the information security agenda worldwide with annual industry events in the U.S., Europe and Asia.
    http://www.rsaconference.com/

    SOURCE Conference:
    SOURCE is a computer security conference in Boston, Seattle, and Barcelona that offers education in both the business and technical aspects of the security industry.

    http://www.sourceconference.com

    TROOPERS IT Security Conference:
    Annual international IT Security event with workshops held in Heidelberg
    https://www.troopers.de

    The HackMiami Conference

    The HackMiami Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground.
    http://hackmiami.com

    If you think we have missed a great one, feel free to contact me with details .