Topic: The McColo Takedown - How taking out one ISP cured spam Speaker: Matt Sergeant On Tuesday the 11th November, 2008 at around 10pm UTC a small San Jose ISP was taken off the air in an action known as "de-peering". Almost immediately spam levels dropped by around 80%. In this talk we look at who McColo were, how this take down happened, and why it had such drastic effects on global spam volumes. Of course this isn't the end of the story, so we also examine: What happens now? Topic: Achieving...

Read More »

Topic: Computer Fraud – Computer Crime Speaker: Jerrard B. Gaertner, Director of Technology Assurance Services at Soberman LLP The Criminal Code of Canada deals with some computer offences directly (theft of telecommunications) and with others indirectly (fraud, theft, electronic distribution of child pornography). However, many people believe the Code is out of date or ineffective when it comes to computer-related offences. • Just what is computer crime? How is it different from other offences?...

Read More »

Topic: Virtualization Security Speaker: Robert Beggs Virtualization, which allows users to run multiple operating systems on a single physical box, can reduce costs and improve network manageability. From a security perspective, this simplified management can enhance system security, and virtualized systems are supporting security in roles such as secure software development, malware analysis, and disaster recovery But what are the risks of putting virtual systems into your production...

Read More »

Topic: BlackHat and Defcon Review Speakers: Various Event Attendees In this presentation, we'll cover the highlights of each conference. The new exploits and tool releases, new research and make sure you know what you missed out on! This is the MUST ATTEND TASK event of the year. If there is any specific topic you'd like covered, be sure to contact us and let us know. Reference: Defcon Official Website Reference: Blackhat Briefings 2008 Website...

Read More »

Topic: SpeedTalks! Presentations linked where available. Technical-focused content: New insecurities in Ipv6 (Tyler Reguly) Adventures in Remote Access (Chuck) Digital Watermarking (Paul Shields) The Canadian Honeynet Projet (Sami Kamel) Office...

Read More »

Topic: Privacy for Security Geeks Speaker: Tracy Ann Kosa Overworked. Underpaid. And now you’re responsible for privacy too. Get under the covers and find out why this job is a lot easier then it sounds. The secret to privacy design: once you’ve done it, you’re done it. This session will provide you with compliance based design requirements, and the teach you how to get there yourself. The legislation hasn’t changed in years, and though the technology evolves, the architecture requirements for compliant privacy design haven’t no matter who your clients are. Do privacy and security make good bedfellows? You bet. And it’s better then doing it alone....

Read More »

Topic: Web Access Management Speakers: Stefan Lesaru + Madhu Mahadevan Madhu Mahadevan and Stefan Lesaru from CA Canada Company will present a comprehensive session on Web Access Management (WAM). This session will highlight the different aspects of WAM and provide a background of how these types of solutions can be utilized in different scenarios. In particular, how authentication, authorization, auditing and policy management can be externalized, as well as provide Single Sign-On, Authentication...

Read More »

Topic: How to implement a Security & Privacy incident management program Speakers: Bobby Singh, SSHA The purpose of the presentation is to provide an overview on how to build a comprehensive and integrated security and privacy incident management program. Privacy incidents such as accidental disclosure of patient health information are becoming more and more common, and but there are few case studies or documented examples on how to deal with these types of incidents available to help organizations...

Read More »

Topic: Linking in to your Information Security Career Speakers: Robert Beggs and Bruce Cowper One of the most popular questions on the TASK forums is: “how do I break into the security field”? Sadly, it rarely receives an answer – like any other career, it seems to be a matter of who you know, and making connections can be difficult. Tonight we’re going to look at social networking resources on the web, especially LinkedIn and Facebook, and see how we can use these as a way to meet and build professional...

Read More »

Topic: Protecting Your Private Parts Speaker: Tracy Ann Kosa Overworked. Underpaid. And now you’re responsible for privacy too. Get under the covers and find out why this job is a lot easier then it sounds. The secret to privacy design: once you’ve done it, you’re done it. This session will provide you with compliance based design requirements, and the teach you how to get there yourself. The legislation hasn’t changed in years, and though the technology evolves, the architecture requirements for...

Read More »