[44CON-announce] Early April Newsletter 2013
Welcome to the early April 44CON newsletter!
/dev/random from adrian and Steve
It’s been a strange couple of months, not only for the industry but for your hard working, ever loving, 44CON Crew. Out there we’re all seeing increasing numbers of DDoS attacks, web attacks and new exploits from researchers. ATMs, PIN terminals and payment systems are all falling, and we’re seeing a lot of heat (but very little light) from various governments on the “Cyber-”. Here at 44CON central we’re a little cynical having seen so many initiatives, strategies, and “Fusioncells” but what we do know is that the demand for us as security professionals, researchers and hackers to have top-flight skills, a solid network of colleagues, and a way in which we can come together and share knowledge has never been so important.
If you were hoping to see this in March, well so were we... we meant to put something out in March but as some of you may have heard Steve Lord has been rather unwell and been in hospital. Any rumours that he has found a particularly interesting network port in there are of course entirely... rumours! It appears @alien8 has let @arashiyama and more of the crew at the keyboard to help edit this newsletter, fresh from some strange experiment which has him down to two pints a day - of what, we’re not saying.So, moving on, lets step up to the lab, and see what’s on the slab!
44CON 2013 Training
We have a range of top notch technical training this year, and based on feedback from last year it proves invaluable to you in your quest to develop the skills you need to do your job
The Web Application Hacker's Handbook, 2nd Edition: LIVE! - MDSec (Marcus Pinto)
The Web Application Hacker’s Handbook (WAHH) Series is the most deep and comprehensive general purpose guide to hacking web applications that is currently available, and is currently number 1 in Amazon’s web security sales rank. This course is a practical opportunity to take the skills and theory taught in the book to the next level, experimenting with all of the tools and techniques against numerous vulnerable web applications and labs, under the guidance of the book’s authors.
This course sold out last year, we’re delighted to offer it again.
Read more at https://44con.com/training/mdsec-web-applications-hackers-handbook-v2
Saumil has asked us to point out ‘This is the 100% genuine Exploit Lab! No imitations, no rip-offs’.
Read more at http://44con.com/training/the-advanced-exploit-laboratory
Hacking By Numbers Mobile will give you a complete and practical window into the methods used when attacking mobile platforms. This course is ideal for penetration testers who are new to the mobile area and need to understand how to analyse and audit applications on various mobile platforms using a variety of tools and platforms. With the increased use of mobile platforms and applications for business-critical services it’s never been more important to ensure they are properly secured.
Read more at: https://44con.com/training/hacking-by-numbers-mobile-edition
Recent advances in IPv6 insecurities - Marc Heuse - THC
This training course shows you how to perform penetration testing on IPv6 networks locally and remote - in theory and hands-on. Learn first hand from the developer of the tools and techniques that are specific for IPv6. Additionally, security in deploying IPv6 is taught from network design to firewall, router and system configuration hardening.
This sold out course of 2012 is back and has been updated!
Read more at: https://44con.com/training/recent-advances-in-ipv6-insecurities
Android Security Workshop - MWR
The workshop is designed for:
Android developers who have a basic understanding of Android security but wish to improve their knowledge about the options available to them in more unusual or difficult situations. The workshop will present them with opportunities to see mistakes made by others, witness and recreate exploits and to redesign and secure vulnerable functions under supervisionThe training course will teach attendees about the implementation details of the Google Android operating system (OS), the impact this has on the security posture of custom applications and the Google Android device.
This is an updated course from the sell out 2011 course MWR offered at the first 44CON!
We've held the prices to the same as last year - £1200 including VAT - we hope this helps you.
Price includes a 3 course hot lunch and refreshment breaks each day.
There's further information here: https://44con.com/event/courses
Please note: you need a training booking to attend the training and a conference booking to attend the conference.
44Cafe
Want to network with the best and brightest in the UK infosec scene? Want to recover from another show in Earl’s Court? 44Cafe is for you. Over 400 of you came last year.
WHEN? 23rd AprilWHERE? O'Neills in Earl’s Court, 326 Earls Court Road, Kensington, London, SW5 9BQ
We've got the upstairs to ourselves. It will be pretty crowded for the talks so we can overspill downstairs as well.Of course, it wouldn’t be a 44CON event without a couple of killer talks in the afternoon.
If you saw Neil Kettle’s talk on Trusteer Rapport (www.youtube.com/watch?v=EimZQgt7WPg), he has an update which will reveal some interesting and uncomfortable truths!
44Cafe will open at midday - the first of 100 free bacon butties will be given out then and once they’re gone they’re gone!
Talks will start at 3pm, giving plenty of time to chat and socialise over a coffee, beer or two beforehand.
Any updates will be posted here: https://44con.com/44cafe
BSides London
We'll be around with our friends at BSides London - adrian and Campbell are mentoring a rookie (each!) Nik will be helping on the registration desk while Steve will be networking in the crowds. Talk to us and you might get a 44CON sticker :-)
Early birds sold out in a record 52 hours. (it took over a month last year!). Thanks so much for the support in 'buying tickets early' - as adrian said in his closing talk of 2012 it makes it a lot easier for us to plan the event knowing how many of you are coming. Please also try and 'bring a friend'.
Standard tickets are on sale now, we have several options for tickets this year.
-
Standard Entry 44CON 2013 ticket for £300
-
Standard Entry 44CON 2013 ticket + 44CON 2013 DVD for £350
-
Standard Entry 44CON 2013 Congoer Package (Includes T-Shirt, Mug and 44CON 2013 DVD) for £365
-
Corporate 44CON 2013 ticket (transferable ticket, also includes Mug and 44CON 2013 DVD) for £400
If you want to buy more than 5 tickets, please get in touch and we'll arrange accordingly.
You can pick up your ticket from http://shop.44con.com/collections/44con-tickets.
We opened up the CFP on February 20th 2013 and since then we’ve had a raft of submissions before the 31st March first round cutoff.
We’re now reviewing anything received before the cutoff to be included in the first round of speaker picks. With the view to announcing the first inclusions in the schedule at 44Cafe, we announced the draft schedule at http://44con.com/schedule and we’ll will fill in those slots as we announce.
There is still plenty of time to submit a presentation for the CFP at https://cfp.44con.com
Here are some important dates to remember:
-
First Selection round announced Tuesday 23rd April at 44Cafe
-
Final CFP Deadline: Monday 31st May, 6pm UTC
-
Speaker announcements: Tuesday 23rd April - Thursday 30th June
-
Speaker flight details to be submitted by 30th June
-
Presentation Submission Deadline: 31st July
-
Papers/Tools Submission Deadline: 12th August
-
44CON Training: 10th and 11th September
-
44CON Conference: 12th and 13th September
2013 Sponsors & more
Sponsors are very important to 44CON - without them, we wouldn’t be able to provide all the fun and exciting content and venues that we do. We’re very happy to make the following announcements:
We're tremendously excited to confirm our previous announcement that MWR have renewed their sponsorship of the first two years of 44CON and for that we thank them greatly. They are providing the Thursday night party in a new venue.. more news of this later... and their Capture the Flag will be running again!
Can you beat "Three Headed Monkeys", and win some cool stuff and free entry to 44CON 2014*?
Microsoft have agreed to be a Silver sponsor, and Raytheon have signed up as a supporter - many thanks to both!
We’ll have more exciting sponsor updates in our next newsletter - more sponsors are in the process of being signed - but if you know of companies that would like to exhibit please ask them to 'get in touch' with us here at 44CON. If you can make an introduction for us, please do so - we’ll be glad to tell everyone of your hard work on our behalf.
Sponsors keep your ticket price down and help us to do even more fun things at the event.
* - if we survive 2013 :)
We can announce that following the 2012 bar “experience” we decided to bring in some experts.
Yes, we’ve searched the urban jungle and have got an excellent external bar service coming to join us. They will be running the event bar - they know how to mix G&T properly for Gin O'Clock and will be pricing their drinks at 'reasonable' levels with NO service fee.
We'll be having more lunch space - there will be 2 rooms and this means the queues should be considerably shorter.
We're sorry about the lack of information pre-event last year - we hope you have already seen the draft 2013 schedule at http://44con.com/schedule ? :-)
You wanted more workshops - we're both increasing the space available in them and there are more of them.
Remember to follow us on twitter @44CON and of course, our website at http://44con.com
Thanks so much for your messages and support.
We can't wait, and we're sure you can't either! We'll send you more info as it comes out. As always, the mailing list will come first, so don't forget to tell your friends.
Kind Regards,
adrian & pp Steve
Organisers, 44CON 2013