This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Limerick"
| Line 33: | Line 33: | ||
'''AGENDA''' | '''AGENDA''' | ||
<br><br> | <br><br> | ||
| − | 19:00 - 19:05 '''OWASP Limerick/Munster Chapter - Introduction, Agenda and Speakers''' | + | 19:00 - 19:05 '''OWASP Limerick/Munster Chapter - Introduction, Agenda and Speakers''' |
<br><br> | <br><br> | ||
| − | 19:10 - 20:00 | + | 19:10 - 20:00 '''Zombie Browsers, spiced with Rootkit Extensions''' - presented by Balázs Zoltán |
| − | '''Zombie Browsers, spiced with Rootkit Extensions''' - presented by Balázs Zoltán | ||
<br><br> | <br><br> | ||
'''Abstract:''' As malicious browser extensions currently are not detected by antivirus products, they are able to do enormous harm - not only by compromising one’s personal online activities, personal data and accounts, but even his/her business data. Hardly any anti-malware product offers real protection against these attacks, and even mobile phones might be vulnerable. | '''Abstract:''' As malicious browser extensions currently are not detected by antivirus products, they are able to do enormous harm - not only by compromising one’s personal online activities, personal data and accounts, but even his/her business data. Hardly any anti-malware product offers real protection against these attacks, and even mobile phones might be vulnerable. | ||
| Line 44: | Line 43: | ||
<br><br><br> | <br><br><br> | ||
| − | 20:00 - 20:10 '''OWASP Limerick/Munster Chapter Raffle''' | + | 20:00 - 20:10 '''OWASP Limerick/Munster Chapter Raffle''' |
<br> | <br> | ||
- Free ticket for upcoming OWASP Limerick AppSec Training Day (sometime in May) | - Free ticket for upcoming OWASP Limerick AppSec Training Day (sometime in May) | ||
| Line 50: | Line 49: | ||
- Two representative Information Security books | - Two representative Information Security books | ||
<br><br><br> | <br><br><br> | ||
| − | 20:10 - 20:50 | + | 20:10 - 20:50 '''Malware (zero-day) Analysis in an Operational Environment''' - presented by Richard Costelloe |
| − | '''Malware (zero-day) Analysis in an Operational Environment''' - presented by Richard Costelloe | ||
<br><br> | <br><br> | ||
'''Abstract:''' This presentation reviews a response-methodology to a multi-stage, 'zero-day' malware attack against a corporate information-systems network. Included in this analysis are detailed explanations of evasive techniques such as social-engineering, spear-phishing, SMTP spoofing, HTTP and JavaScript obfuscation, binary code-packing, password and data harvesting, data encryption and exfiltration, file-droppers, process-injection and bot-nets. Included will be an overview of defensive-methodologies and processes such as system and network hardening and monitoring, data de-obfuscation, decoding and decryption, static and dynamic analysis of malware code and binaries and forensic best practises. | '''Abstract:''' This presentation reviews a response-methodology to a multi-stage, 'zero-day' malware attack against a corporate information-systems network. Included in this analysis are detailed explanations of evasive techniques such as social-engineering, spear-phishing, SMTP spoofing, HTTP and JavaScript obfuscation, binary code-packing, password and data harvesting, data encryption and exfiltration, file-droppers, process-injection and bot-nets. Included will be an overview of defensive-methodologies and processes such as system and network hardening and monitoring, data de-obfuscation, decoding and decryption, static and dynamic analysis of malware code and binaries and forensic best practises. | ||
Revision as of 11:16, 12 February 2013
OWASP Ireland-Limerick
Welcome to the Ireland-Limerick chapter homepage.
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
become a Member or Annual Chapter Sponsor(s).
OWASP Ireland-Limerick Board
Should you have a question about the local chapter, would like to get more involved contact ANY of the following people below
- President Marian Ventuneac
- Vice President TBD
- Secretary TBD
OWASP Ireland-Limerick
Address - TBD
<paypal>Ireland-Limerick</paypal>
OWASP Ireland Limerick 2013 Events
OWASP Ireland Limerick Chapter Meeting
When: 21/02/2012 7:00pm - 7:00pm
Where: Limerick City Council, City Hall, Merchants Quay
Sponsors: Genworth Financial
This free event is open to all participants with an interest in application security.
Registration is required - if you are planning to attend please RSVP at http://
For ISACA and (ISC)² members: This event qualifies for free CPE credits/hours.
AGENDA
19:00 - 19:05 OWASP Limerick/Munster Chapter - Introduction, Agenda and Speakers
19:10 - 20:00 Zombie Browsers, spiced with Rootkit Extensions - presented by Balázs Zoltán
Abstract: As malicious browser extensions currently are not detected by antivirus products, they are able to do enormous harm - not only by compromising one’s personal online activities, personal data and accounts, but even his/her business data. Hardly any anti-malware product offers real protection against these attacks, and even mobile phones might be vulnerable.
Presenter: Balázs Zoltán (OSCP, C|HFI, CISSP, CPTS, MCP) is an ITSEC consultant at Deloitte. From 2006-2010 Zoltán worked as an IT Security Expert at Erste Bank Hungary, and from 2010 he works as an IT Security team leader, at Erste. On ITSEC conferences he likes to present about malwares, IPv6, pass-the-hash, browser malware.
20:00 - 20:10 OWASP Limerick/Munster Chapter Raffle
- Free ticket for upcoming OWASP Limerick AppSec Training Day (sometime in May)
- Two representative Information Security books
20:10 - 20:50 Malware (zero-day) Analysis in an Operational Environment - presented by Richard Costelloe
Abstract: This presentation reviews a response-methodology to a multi-stage, 'zero-day' malware attack against a corporate information-systems network. Included in this analysis are detailed explanations of evasive techniques such as social-engineering, spear-phishing, SMTP spoofing, HTTP and JavaScript obfuscation, binary code-packing, password and data harvesting, data encryption and exfiltration, file-droppers, process-injection and bot-nets. Included will be an overview of defensive-methodologies and processes such as system and network hardening and monitoring, data de-obfuscation, decoding and decryption, static and dynamic analysis of malware code and binaries and forensic best practises.
Presenter: Richard Costelloe (MA, CISSP, CEH) is an Information-Security professional with over ten years' international experience fighting the 'bad guys' on the front lines of corporate Information Systems environments. Currently employed by Murex Dublin (Enterprise Risk Management), he spends his days supporting Information Security governance, compliance and policy development, risk-management, staff training & education, data-leaks, working with IT teams for system-hardening and penetration-testing and software-development teams with code-reviews and application-security audits for Murex's Java/C++ products.
20:50 - 21:00 Networking/Socialising
Past Events
2012 Meetings
2011 Meetings
