[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [TAUSEC] Next meeting of TAUSEC on Feb 11, 6 P.M

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] [TAUSEC] Next meeting of TAUSEC on Feb 11, 6 P.M
From: "Edward Aronovich" <eddiea@xxxxxxxxx>
Date: Fri, 2 Feb 2007 08:40:49 +0200

The Security Forum, TAUSEC at Tel Aviv University, next lecture will be on Feb 
11 at 18:00 (6 P.M)

Location: Tel Aviv University Lev Auditorium
Map: http://www2.tau.ac.il/map/unimapl1.asp

Attendance is free, light refreshments will be served

Schedule:
---------
18:00 Economic analysis of globally deployed attach counter-measures - Shachar 
Shemesh Lecture level: high level, no technical knowledge required

Abstract:
        The lecturer will try to prove, using nothing but a few
        hand gestures and 12 coins, that the time is not yet ripe to 
        deploy outgres filtering world wide. We will try to analyze 
        what may cause the balance to tip, and will outline the 
        lecturer very private, and somewhat insane, idea of how the 
        world will slowly change once the tipping point arrives.



19:00 - Break

19:20 - IE Exploits Treats - History, JavaScript evasion techniques, 
          Heap Spray, Ajax worms - Dror Shalev      
Level: Technical / Very High Level

Title: IE Exploits Treats - History, JavaScript evasion techniques, Heap Spray, 
Ajax worms

        In the "IE Exploits Treats" I will show lots of code and techniques , 
        but will not include 0 days exploits.
        The "JavaScript evasion techniques" research include the following 
demos :
        http://www.drorshalev.com/dev/metascripts/
        the "History" section include : 
        https://secure11.brinkster.com/drorshalev/checkpoint/products/main.htm
        the  "Heap Spray" include : Internet Exploiter , PwnZilla By SkyLined
        MS07-004 VML integer overflow exploit , Moti Joseph
        browserfun by HDM , metasploit
        setRequestHeader(), setSlice(), createTextRange() 
        the "Ajax worms" include :
        An analysis of the 180 Solutions Trojan -  2003
        Yahoo & Hotmail Potential web-based e-mail worm - 2003
        Samy is my Hero -MySpace - 2005

        Visit our web site at: http://www.cs.tau.ac.il/tausec/

C U,
Eddie

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Hushmail from raju@xxxxxxxxxxxxxxx
Next by Date: [Full-disclosure] Hushmail from talargoni@xxxxxxxxx
Previous by thread: [Full-disclosure] Remote Sql Injection in EasyMoblog 0.5.1
Next by thread: [Full-disclosure] Hushmail from talargoni@xxxxxxxxx
Index(es):
- Date
- Thread