Global Connections Committee Message
OWASP Leaders,
The Global Connections Committee would like to share our goals with you around OWASP presentations at non-OWASP sponsored events. OWASP as an organization needs to get out in front of a larger audience and the only way to do that is to get out in front of a lot of people who have not been to an OWASP event - maybe even not have heard about OWASP previously.
Our goal for 2010 for OWASP presentations is to facilitate:
20 OWASP presentations to non OWASP groups. 10 OWASP presentations to student /university groups10 OWASP presentations to companies with large internal development groupsStrategy:
To make connections utilizing the foundation laid by the other Global Committees within the development, university and organizational communities.To publish success stories from chapters where they have proactively lined up OWASP speakers not only for their OWASP chapter but had that speaker present to a developer group, university or large company about OWASP topics.
Leaders- GCC needs your help.
As chapter leaders we'd like you to think about ways that you can get the OWASP story out to a wider audience.
What are the active developer groups in your area? Ask to do an overview presentation to them.
What are the University's with Information Technology degrees in your area? Get to know the professors and offer to come in and do a presentation to a class.
Who are the companies with large development teams? Offer to give an overview of application security trends to their developers. Support - GCC is here for you.
We'll build the tools you need to implement the GCC strategy, whether that's PowerPoint presentations, meeting announcements, fliers. Let us know what you need to be successful.
Regards,
Global Connections Committee
News ::
Feed!
Povezani zapisi:
09-06-2010 10:31
arnab_s has discovered a vulnerability in global.level1.com, which could be exploited by malicious people to conduct XSS attacks.
XSSed
09-02-2010 6:44
I recently came across a round of spammed instant messages that arrived via my Yahoo! Messenger account. These messages were supposedly sent from my cousin’s account, and used the following format and were sent to everyone on her friends list:
The familiar message format told me that I was chatting with a bot that wanted me to click the link in the message. Checking where the link went to led me to the following page:
The IQ test had 11 questions that eventually led to a “results” page that asked me to sign up and enter my mobile phone number to get the quiz results:
One may ask why the site would need a mobile phone number just to send IQ test results. Will they use this information to spam me through my mobile phone? Nor is it clear if the answers to the questions actually matter to the IQ “score” given to the user, if they actually receive one.
That may well be the case but the cybercriminals have a more direct approach to earn money. The Summary of Terms at the bottom of the page says that by giving the quiz’s creators one’s mobile phone number means signing up for “mobile content subscription.” Of course, this is not free, as the subscription fee ranges from US$9.99–$19.99 a month. This is stated in the site’s terms and conditions, which are located at the bottom of the page:
This gave me enough reason to close the browser tab and leave the website. The URL of the said “IQ test” is now blocked by the Trend Micro Smart Protection Network™.
Post from: TrendLabs | Malware Blog - by Trend Micro
“IQ Test” Spam Proliferating via Instant Messages
trendmicro
