From: "Jim Weiler" Sent: Tuesday, March 31, 2009 9:25:11 AM GMT -05:00 US/Canada Eastern Subject: OWASP Boston April Mtg Tomorrow - 4/1 6:30 http://www.owasp.org/index.php/Boston Date - Wed. April 1 Topic - Breaking Browsers * Browser attack vendors * How can browsers be properly secured * The future of the web - browser vulnerabilities and attacks * traditional web based attacks * attacking the browser itself. * attacking the plugins * attacking a standard Josh will demo - Clickjacking BeEF (Browser Exploitation Framework) setup/ plugin detection and JS autorun BeEF exploiting MS09-002 adobe util_printf xml_corruption Java Applet with Meterpreter payload Firefox keylogger Speaker - Joshua D. Abraham - Security Consultant - Rapid7 Josh joined Rapid7 in 2006 as a Security Consultant. Josh has extensive IT Security and Auditing experience and worked as an enterprise risk assessment analyst for Hasbro Corporation. Josh specializes in penetration testing, web application security assessments, wireless security assessments, and custom code development. In the past, he has spoken at Infosec World, ShmooCon, LinuxWorld, Comdex and the Boston Linux User Group. In his spare time, he contributes code to open source security projects such as the BackTrack LiveCD, Nikto, Fierce, and PBNJ. Location and Directions - Microsoft offices at the Waltham Weston Corporate Center, 201 Jones Rd., Sixth Floor Waltham, MA >From Rt. 128 North take exit 26 toward Waltham, East up the hill on Rt. 20. From Rt 128 South take exit 26 but go around the rotary to get to 20 East to Waltham. Follow signs for Rt. 117 (left at the second light). When you get to 117 turn left (West). You will cross back over Rt. 128. Jones Rd. (look for the Waltham Weston Corporate Center sign) is the second left, at a blinking yellow light, on Rt. 117 going west about 0.1 miles from Rt. 128 (I95). The office building is at the bottom of Jones Rd. Best parking is to turn right just before the building and park in the back. Knock on the door to get the security guard to open it. The room is MPR C. Jim Weiler CISSP Starwood Hotels and Resorts Sr. Mgr. Information Security Risk Assessment Office - 781 356 0067 Cell - 781 654 6048