44Con 2012 CFP - London 5th - 7th September

[Steve <steve () 44con com>]

The 2nd annual 44Con is going to be held in London in September, 2012. 
We're looking for speakers, workshops and training courses to make the 
event even bigger and better than last year. If you fancy an 
accomodation and travel covered trip to London while it's still warm and 
sunny, this is the event to submit to.
   _____    _____  _________
  /  |  |  /  |  | \_   ___ \   ____   ____
 /   |  |_/   |  |_/    \  \/  /  _ \ /    \
/    ^   /    ^   /\     \____(  <_> )   |  \
\____   |\____   |  \______  / \____/|___|  /
     |__|     |__|         \/ 5-7 Sep 2012\/

   -=- London's Premier Security Event -=-

]-- 44Con 2012 Call For Papers

Site: http://www.44con.com/
CFP Registration: https://cfp.44con.com/
Limited Tickets *available now*: http://44con-2012.eventbrite.co.uk

]-- Background

44Con is the UK's largest combined Security Conference and Training 
event, with the conference taking place from the 5th till the 7th of 
September, 2012 at the Millenium Conference Centre in South Kensington, 
London. We will have a fully catered dedicated conference facility 
across two floors, with private bar.

The main conference room will be set for two speaking tracks over the 
two days - day one will host an 'Infosec Professional' and 'Technical 
Turbo Talk' track, days two and three will host two fully technical tracks.

This is the Call for Papers, Talks and Workshops for 44Con 2012. Both 
Technical and Infosec Professional talk submissions will be accepted. 
Talk slots are 45 minutes long with 15 minutes for Q&A. Workshop slots 
are 60, 90 and 180 minutes in length.

]-- Submissions

Submissions should be sent via the CFP website 
(https://cfp.44con.com/)Our submissions review panel includes luminaries 
from organisations such as THC and various H.M. Government and military 
personnel. In particular, we are looking for original talks of the 
highest quality in the following areas:

1. Offensive Technologies
- Vulnerability exploitation techniques
- Malware
- Rootkits
- Doing bad things to good processes

2. Defensive Technologies
- Incident Response
- Malware forensics
- Intrusion Prevention Tools & Techniques
- Computer Network Defence (CND)

3. Bugs, finding and fixing
- Fuzzing
- Static Analysis
- Source Code Auditing
- The Exploit Economy
- Vulnerability Stories (e.g. the most interesting RCE I ever found and 
how it came to be)

4. Cloud Computing
- Breaking
- Defending
- Data Protection and Destruction

5. Virtualisation
- Detection, Escape and Exploitation
- Defence, Sandboxing and Countermeasures

6. Owning the Enterprise
- Enterprise Software (e.g. SAP, Ab Initio, Oracle etc.)
- Trading Systems
- Enterprise Security Fail

7. Online Money
- Online Gambling Security
- Casino, Poker and Arcade systems.
- MMO gaming
- Commercial PRNG Analysis
- Payment Systems

8. Client Side Security
- Browser Security
- File Format Security
- Out of Band Measures (e.g. Chip & Pin)

9. Embedded/Hardware Hacking
- Mobile devices
- Mobile Phones - Particularly iPhone/Windows Mobile
- Games Consoles
- Cool Hardware Hacks (e.g. Arduino etc.)
- GSM Security
- Access Control
- Consumer Broadband Devices
- DVR and Set Top Boxes
- Health Systems

10. Application Security
- Web-based Application Security
- Binary Application Security
- Reverse Engineering
- Copyright and DRM

11. Networking and Comms
- OSI Layers 1 through 4
- RF Comms (RFID, NFC etc.)
- Satellite Hacking
- VoIP
- IPv6
- 802.11
- GSM/GPRS/UMTS

12. Critical National Infrastructure (CNI)
- SCADA
- Emergency Services Systems
- Medical Systems and IT Security
- Cyber Espionage

13. The Soft Side of Infosec
- Social Engineering
- Disaster Planning
- Communications
- Security Awareness
- Practical Strategies
- Security Successes and Failures

Please try to not recycle content from other conference presentations. 
If you have an updated presentation please let us know what has changed 
from the previous presented version.

Note: this is not an exhaustive list. If you have a good talk proposal, 
please let us know.

]-- Selection Committee

- Van Hauser - THC
- Steve Lord - 44Con
- Skapp - 44Con
- Adrian - 44Con
- The Unknown Soldier - MoD
- Assorted shadowy figures from the unconvention

]-- Speaker Privileges

Speakers at 44Con will be entitled to the following:

- Air flight cover (we will book and pay for your flights).
- 3-5 nights accommodation (depending on what you're doing and when)
- Breakfast & Lunch during conference
- After-Conference Party Invite
- Love and TLC from our speaker ops team
- Press Access (for those that want it)
- Alcohol, Fun and Frolics

For accepted workshops we will provide a free ticket. Speakers providing 
workshops will gain an extra night's accomodation on us!

]-- Awards

Although no honorarium is provided for talks, awards will be provided 
for the following:

- best talk: 1,000 GBP
- 44Con award of awesomeness: 'special awesome prize'
- Overruns: Death by Nerf!

The award winners will be chosen based on feedback forms provided to 
delegates at the conference. Winning one category does not preclude a 
speaker from competing in others.

]-- Submissions process

Submit your CFP response at the CFP Site (https://cfp.44con.com/). 
Submissions must be in English only.

]-- Important dates

- CFP Deadline: Monday 31st May, 6pm UTC
- Speaker announcements: Tuesday 24th April - Thursday 30th June
- Speaker flight details to be submitted by 30th June
- Technical Presentation Submission Deadline: 31st July
- Technical Papers/Tools Submission Deadline: 12th August
- 44Con Training: 3rd and 4th September
- 44Con Conference: 5th - 7th September

]-- Other Information

44Con is the UK's biggest combined Information Security Conference and 
Training Event. To find out more about 44Con visit 
http://www.44con.com/, follow us on twitter @44con, or use the #44con 
hashtag to see and take part in the discussion on Twitter. Tickets are 
available now from the main web site at http://44con-2012.eventbrite.co.uk/.

By agreeing to speak at 44Con you are granting Sense/Net Ltd (owners of 
44Con) the rights to reproduce and distribute your presentation 
including but not limited to http://www.44con.com/, advertisements in 
various mediums and through partner sites and mediums. If you are not 
comfortable with this arrangement then this must be agreed with us in 
writing prior to the event.

--- Begin ms12-020-rce.py ---

#!/usr/bin/env python

# ms12-020-rce.py PRIVATE DO NOT DISTRIBUTE OUTSIDE OF http://44con.com/

import socket
import sys

data = "\x59\x6f\x75\x20\x64\x69\x64\x6e\x27\x74\x20\x72\x65\x61\x6c"
data +="\x6c\x79\x20\x74\x68\x69\x6e\x6b\x20\x77\x65\x20\x68\x61\x64"
data +="\x20\x6f\x6e\x65\x2c\x20\x72\x69\x67\x68\x74\x3f#!?$£L"K$@!:£ NO 
CARRIER


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------