SecurityRatty: tag: pwnie

The Pwnie Awards

2007-09-10 04:21:00 by Eric Marvets in The Security Samurai

...Pwnie Awards . Its a great concept. They accept nomination and then give awards to celebrat[e] (or make fun of) the achievements and failures of security researchers and the wider security community They give awards in the following categories Best Server-Side Bug Best Client-Side Bug Mass 0wnage Most Innovative Research Lamest Vendor...

Tags: pwnie awards, awards, bug, server-side bug, wider security community, client-side bug, innovative research, accept nomination, vendor response

McAfee's Hacker Safe nominated for a Pwnie

2008-07-21 11:05:00 by Russ McRee in HolisticInfoSec.org

...Pwnie Awards 2008 nominations are out, and under Lamest Vendor Response we find McAfee's Hacker Safe, specifically Joesph Pierini's response to the findings XSSed.com and I gave to Thomas Claburn for publication in Information Week this past January Joseph Pierini, director of enterprise services for the "Hacker Safe" program, stepped in it...

Tags: hacker safe, mcafee, hacker safe fiasco, pierini, joseph pierini, mcafee secure, vendor response, server, joesph pierini

Why Do I Attend BlackHat?

2008-06-26 18:33:51 by Chris Eng in Zero in a bit

...Pwnie Awards Meeting fellow security bloggers Recruiting speakers for SOURCE Finding future Veracode employees Trading war stories Picking up vendor schwag for my kids (RSA is much better for this one Meeting current and former customers and future ones, hopefully Things I could do without The cigarette smoke The heat Quarks Ive stuck...

Tags: blackhat, attend blackhat, attend, blackhat time, time, topic, future veracode employees, alan shimels topic, future

Black Hat Bloggers Network topic of interest #2

2008-06-26 01:40:04 by ashimmy in StillSecure, After All These Years

...Pwnie awards 2008, nominations open [via Zemanta Black Hat goes interactive in selecting upcoming speakers [via Zemanta

Tags: black hat, network, topic, blogger network, blogs, zemanta, chris hoff, broader response, pwnie awards

The Bitrix open redirect vulnerability: a lesson in the absurd

2008-07-22 23:00:00 by Russ McRee in HolisticInfoSec.org

...Pwnie Award 2009 Common, people...fix it del.icio.us | digg

Tags: vulnerability, redirect, redirect vulnerability, cve vulnerability advisory, redirect vulnerabilities, bitrix site manager, site, issue, secure issue

BlackHat Picks, Day 1

2008-07-28 20:35:32 by Chris Eng in Zero in a bit

...Pwnie Awards . Turnout last year was kind of slim, but I bet the room will be full this year as its been publicized more Day 2 picks coming soon

Tags: option, virtualization security apocalypse, virtualization security, day, picks, dns goodness, hovav shacham, chris hoff, code injection

Cross-site scripting CAN be used to hack a server

2008-08-05 22:06:00 by Russ McRee in HolisticInfoSec.org

...Pwnie worthy (winners announced tomorrow!); may the Lamest Vendor win That said, anyone with a clue knows that XSS attacks are ideal for credential theft, and if you can steal credentials, you can hack a server Looking for a textbook example? Check out mckt's new blog, skeptikal.org Here's a highlight Every cPanel user's account contains a...

Tags: server, server hack, hack, manager, file manager tool, file, root password, email, cpanel user

BlackHat Recap

2008-08-12 22:43:18 by Chris Eng in Zero in a bit

...Pwnie Awards didnt fail to disappoint. Drama ensued over the Most Overhyped award, but at least this year some of the winners showed up to claim their awards! Halvar rapping Symantec lyrics was also quite memorable All in all, a fun and informative week, but as usual, I was relieved to get the hell out of Vegas and head home on Friday...

Tags: favorite, favorite talk, talk, sotirovdowd talk, scott stenders talk, completely reliable technique, reliable, attack, technique