OWASP Limerick February 2013

become a Member or Annual Chapter Sponsor(s).

OWASP Ireland-Limerick Board
Should you have a question about the local chapter, would like to get more involved contact ANY of the following people below


 * President [mailto:marian.ventuneac@owasp.org Marian Ventuneac]
 * Vice President TBD
 * Secretary TBD

OWASP Ireland-Limerick Address - TBD Ireland-Limerick

OWASP Ireland Limerick Chapter Meeting
When: 21/02/2013 7:00pm - 9:00pm Where: Limerick City Council, City Hall, Merchants Quay Sponsors: Genworth Financial This free event is open to all participants with an interest in application security. Registration is required - if you are planning to attend please RSVP at http://owasp-limerick-february-2013.eventbrite.com/ For ISACA and (ISC)² members: This event qualifies for free CPE credits/hours.

AGENDA 19:00 - 19:05 OWASP Limerick/Munster Chapter - Introduction, Agenda and Speakers

19:10 - 20:00 Zombie Browsers, spiced with Rootkit Extensions - presented by Balázs Zoltán Abstract: As malicious browser extensions currently are not detected by antivirus products, they are able to do enormous harm - not only by compromising one’s personal online activities, personal data and accounts, but even his/her business data. Hardly any anti-malware product offers real protection against these attacks, and even mobile phones might be vulnerable. Presenter: Balázs Zoltán (OSCP, C|HFI, CISSP, CPTS, MCP) is an ITSEC consultant at Deloitte. From 2006-2010 Zoltán worked as an IT Security Expert at Erste Bank Hungary, and from 2010 he works as an IT Security team leader, at Erste. On ITSEC conferences he likes to present about malwares, IPv6, pass-the-hash, browser malware. Download: Zombie Browsers

20:00 - 20:10 OWASP Limerick/Munster Chapter Raffle 20:10 - 20:50 Malware (zero-day) Analysis in an Operational Environment - presented by Richard Costelloe Abstract: This presentation reviews a response-methodology to a multi-stage, 'zero-day' malware attack against a corporate information-systems network. Included in this analysis are detailed explanations of evasive techniques such as social-engineering, spear-phishing, SMTP spoofing, HTTP and JavaScript obfuscation, binary code-packing, password and data harvesting, data encryption and exfiltration, file-droppers, process-injection and bot-nets. Included will be an overview of defensive-methodologies and processes such as system and network hardening and monitoring, data de-obfuscation, decoding and decryption, static and dynamic analysis of malware code and binaries and forensic best practises. Presenter: Richard Costelloe (MA, CISSP, CEH) is an Information-Security professional currently employed by Murex Dublin (Enterprise Risk Management), focusing on Information Security governance, compliance and policy development, risk-management, staff training & education, data-leaks, working with IT teams for system-hardening and penetration-testing and software-development teams with code-reviews and application-security audits for Murex’s Java/C++ products. Download: Malware Analysis
 * Free ticket for upcoming OWASP Limerick AppSec Training Day
 * Two representative Information Security books

20:50 - 21:00 Networking/Socialising

Past Events
2012 Meetings

OWASP_Limerick_Day_2012

OWASP_Limerick_July_2012

OWASP_Limerick_February_2012

2011 Meetings

OWASP_Limerick_October2011

OWASP_Limerick_March_2011