Sydney

Next Meeting
TBA

Date: Wednesday, 28th July 2010
Presentations: 


 * Robert Lee, PriceWaterHouse Coopers, Vulnerabilities &amp; Google’s Jarlsberg Application
 * Alex Kouzemchenko, Azimuth Security, WAFs: How I love Thee.

Date: Tuesday, 20rd April 2010
Presentations: 

Lightning Talks!


 * Louis Nyffenegger - ‘SQL injection in “order by” clauses’
 * Raphael Speyer – ECMAscript 5
 * Christian Heinrich - OWASP Top Ten 2010
 * Daniel Grzelak – Recon Tool Demonstration

Date: Tuesday, 23rd March 2010
Presentations: 
 * PDF Hacking - Paul Theriault (Link TBA)
 * The plan is to run an informal workshop style presentation with the following objectives:
 * Provide an introduction to PDF format, scripting capabilities and other “features” you wouldn’t expect to see in a document format
 * Learn some basic tools &amp; techniques for analyzing malicious PDF files, for great justice
 * Learn some basic tools &amp; techniques for creating malicious PDF files, for great science
 * Look at the security implications of PDFs and what can be done in an enterprise environment to reduce these risks (uninstall Reader?)
 * Incident Case Study - Charles Carmakal (Link TBA)
 * Review of the security breach landscape in the US and go through an interesting case study. It involved organised criminals from eastern Europe, over $100M of losses, and incredible sophistication. The initial point of entry for this breach was the web - SQL injection, linked databases, privilege escalation, development/deployment of custom malware.