After BlackHat Europe (see related post), I will be speaking at:

ph-neutral – Basically the real deal… If you are FoFX (Friends of FX) expect to rub shoulders with some of the world’s best security experts

AthCon – A new regional conference in Greece, close to home, sponsored by some great guys from encode, and a very interesting lineup of speakers.

FIRST Conference – If you have ever dealt with incident handling, CSIRT, CERT, and alike, this is the conference to be at. A whole day workshop, and 5 full days packed with great talks in sunny Miami. Can’t go wrong…

BruCON – Brussel’s local security conference. Last year has been EPIC (so I’ve heard from authoritative sources ) and this year is shaping up to exceed the expectations!

These are the confirmed ones for now…

Also check out the following conferences which I plan to attend (i.e – are cool and have great content):

DefCon, BlackHat US, BSidesLV – you better know these by now…

ExcaliburCon – THE security conference in China. Held at WuXi (not far from Shanghai), and offers a great mixture of local (Chinese) hackers and international ones. Spoke there last year, if you are looking to expand to the Chinese market this is the conference to be at (and sponsor!).

Related posts:

1. ExcaliburCon summary and general China notes
2. Cloud Security Alliance Conference (Israel) – CFP
3. CyberCrime, CyberWarfare, and 2010

Well – it might seem as non-news for readers of this blog (or people who were in my presentations at BlackHat, DefCon, HackerHalted, ExcaliburCon, BlueHat, or in other venues), but a couple of interesting sound-bytes may catch your eye:

1. ZeuS (good ol’e friend, how I missed debugging thou) has implemented licensing schema. The schema enforces that the licensed software be only used on licensed machines. News? yes, kind’a. Remember Neosploit (another personal pet-peeves)? Then you must remember the licensing scheme there as well. Pretty close to what ZeuS just introduced. And they say that the world has stopped sharing. pffff. And you can quote me on that. As anyone who ever took more than a brief look at how these things operate, the only takeaway possible is simple: It’s all about the money (hence – license enforcement is key. Ask Microsoft )

2. Staying with ZeuS, there has been quite a lot of effort in the past few months to take down one of the main autonomous systems providing upstream for some of the biggest C&C’s hosting ZeuS. You can read more about it here, and here. Notable effort indeed, as TORYAK-AS has been on the hit list for ZeuS tracking researchers for a long time. Only thing is – there’s money here again. Which means that even taking down the entire AS won’t really take down the botnet as it relies on bulletproof hosting which means that there will ALWAYS be alternate routes leading to it. That’s how things work. Just like trying to fight trafficking and drug trade. As long as there is demand, there will be supply. You dry out one supplier, the economy will just pop out another one. It’s all about the money.

So, I’ll finish up with a couple of reassuring words. We are not done yet. We like fighting the technical battle (I’ll admit that I had my fun doing so, and still have fun when called to duty), but the real battle won’t be won in that playing field. Remember Al (Capone) – it didn’t take the DEA or FBI to take him down. It was the IRS…

Related posts:

1. Cyber[Crime|War] – connecting the dots – BlackHat EU 2010
2. ExcaliburCon summary and general China notes
3. New post on fudsec.com – CyberFUDfare

The slides and audio are also available in my section on the DefCon17 archives: http://defcon.org/html/links/dc-archives/dc-17-archive.html#Amit

Have fun!

Related posts:

1. It’s all about the money
2. Post BlackHat, pre DefCon
3. CyberCrime, CyberWarfare, and 2010