Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[TAUSEC] Next meeting of TAUSEC on Feb 11, 6 P.M

From: "Edward Aronovich" <eddiea () tau ac il>
Date: Fri, 2 Feb 2007 08:40:49 +0200
The Security Forum, TAUSEC at Tel Aviv University, next lecture will be on Feb 11 at 18:00 (6 P.M)

Location: Tel Aviv University Lev Auditorium
Map: http://www2.tau.ac.il/map/unimapl1.asp

Attendance is free, light refreshments will be served

Schedule:
---------
18:00 Economic analysis of globally deployed attach counter-measures - Shachar Shemesh Lecture level: high level, no 
technical knowledge required

Abstract:
        The lecturer will try to prove, using nothing but a few
        hand gestures and 12 coins, that the time is not yet ripe to 
        deploy outgres filtering world wide. We will try to analyze 
        what may cause the balance to tip, and will outline the 
        lecturer very private, and somewhat insane, idea of how the 
        world will slowly change once the tipping point arrives.



19:00 - Break

19:20 - IE Exploits Treats - History, JavaScript evasion techniques, 
          Heap Spray, Ajax worms - Dror Shalev      
Level: Technical / Very High Level

Title: IE Exploits Treats - History, JavaScript evasion techniques, Heap Spray, Ajax worms

        In the "IE Exploits Treats" I will show lots of code and techniques , 
        but will not include 0 days exploits.
        The "JavaScript evasion techniques" research include the following demos :
        http://www.drorshalev.com/dev/metascripts/
        the "History" section include : 
        https://secure11.brinkster.com/drorshalev/checkpoint/products/main.htm
        the  "Heap Spray" include : Internet Exploiter , PwnZilla By SkyLined
        MS07-004 VML integer overflow exploit , Moti Joseph
        browserfun by HDM , metasploit
        setRequestHeader(), setSlice(), createTextRange() 
        the "Ajax worms" include :
        An analysis of the 180 Solutions Trojan -  2003
        Yahoo & Hotmail Potential web-based e-mail worm - 2003
        Samy is my Hero -MySpace - 2005

        Visit our web site at: http://www.cs.tau.ac.il/tausec/

C U,
Eddie

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: