Sydney

Next Meeting
Date: Tuesday, 20rd April 2010

Location: PricewaterhouseCoopersLevel 15, 201 Sussex St, Sydney, NSW 2000)

Presentation

 * Lightning Talks!

Please submit your proposals for lightning talks to one of the chapter leaders.

Presentation Rules: Duration: 10 minutes or less.

Subject: Anything as long as it’s interesting (and probably webappsec related)

Experience: No previous presentation experience required

Attitude: Have fun! Grumpy bastards not allowed

Get your proposals in quick - speakers will be announced soon.

Agenda
6:00 - 6:20 Peer-to-Peer Networking with Refreshments

6:20 - 6:30 Sydney Chapter News

6:30 - 7:30 Presentations Please RSVP to paul.theriault@stratsec.net.

Date: Tuesday, 23rd March 2010
Location:Stratsec, Lvl 6, 62 Pitt St, Sydney.


 * PDF Hacking - Paul Theriault (Link TBA)
 * The plan is to run an informal workshop style presentation with the following objectives:
 * Provide an introduction to PDF format, scripting capabilities and other “features” you wouldn’t expect to see in a document format
 * Learn some basic tools &amp; techniques for analyzing malicious PDF files, for great justice
 * Learn some basic tools &amp; techniques for creating malicious PDF files, for great science
 * Look at the security implications of PDFs and what can be done in an enterprise environment to reduce these risks (uninstall Reader?)
 * Incident Case Study - Charles Carmakal (Link TBA)
 * Review of the security breach landscape in the US and go through an interesting case study. It involved organised criminals from eastern Europe, over $100M of losses, and incredible sophistication. The initial point of entry for this breach was the web - SQL injection, linked databases, privilege escalation, development/deployment of custom malware.