A new payment schedule has been approved.

Hello pervert,

I want to inform you about a very bad situation for you. However, you can benefit from it, if you will act wisely.

Have you heard of Pegasus?
This is a spyware program that installs on computers and smartphones and allows hackers to monitor the activity of device owners.
It provides access to your webcam, messengers, emails, call records, etc. It works well on Android, iOS, and Windows.
I guess, you already figured out where I'm getting at.

It's been a few months since I installed it on all your devices because you were not quite choosy about what links to click on the internet.
During this period, I've learned about all aspects of your private life, but one is of special significance to me.
I've recorded many videos of you jerking off to highly controversial porn videos.
Given that the "questionable" genre is almost always the same, I can conclude that you have sick perversion.

I doubt you'd want your friends, family and co-workers to know about it. However, I can do it in a few clicks.
Every number in your contact book will suddenly receive these videos - on WhatsApp, on Telegram, on Skype, on email - everywhere.
It is going to be a tsunami that will sweep away everything in its path, and first of all, your former life.
Don't think of yourself as an innocent victim. No one knows where your perversion might lead in the future, so consider this a kind of deserved punishment to stop you.

Better late than never.
I'm some kind of God who sees everything.
However, don't panic. As we know, God is merciful and forgiving, and so do I.
But my mercy is not free.

Transfer $1490 USD to my bitcoin wallet: 1E3mVbLSLLUgdmrp8GV5RRu1Qz5FkWs4rJ

Once I receive confirmation of the transaction, I will permanently delete all videos compromising you,
uninstall Pegasus from all of your devices, and disappear from your life. You can be sure - my benefit is only money.
Otherwise, I wouldn't be writing to you, but destroy your life without a word in a second.

I'll be notified when you open my email, and from that moment you have exactly 48 hours to send the money.
If cryptocurrencies are unchartered waters for you, don't worry, it's very simple.
Just google "crypto exchange" and then it will be no harder than buying some useless stuff on Amazon.

I strongly warn you against the following:
) Do not reply to this email. I sent it from a temp email so I am untraceable.
) Do not contact the police. I have access to all your devices, and as soon as I find out you ran to the cops, videos will be published.
) Don't try to reset or destroy your devices.

As I mentioned above: I'm monitoring all your activity, so you either agree to my terms or the videos are published.

Also, don't forget that cryptocurrencies are anonymous, so it's impossible to identify me using the provided address.
Good luck, my perverted friend. I hope this is the last time we hear from each other.

And some friendly advice: from now on, don't be so careless about your online security.

Hacking Freemium Games - The Evolution Of PC Game Cheating

This post is going to be a rather strange post compared to previous ones. But bear with me, in the middle of the post you will see why this post fits the IT security topic.

I'm also terribly sorry for not posting recently, but I was busy with my SPSE and SLAE certification. Both are recommended for Python and Assembly noobs like me. But back to this post.

A little bit of history

Cheating in games started as help for game testers. By using invincibility or infinite ammo testers were able to test the game quicker, which meant less money spent on testing. I personally use cheat codes in games, depending on my mood. Sometimes it feels good to slash all the opponents while I'm invincible, sometimes it is more fun to play the game without cheats. One can argue whether cheating in games is OK or not, but I believe it depends, there is no black or white. But one thing is for sure, it is part of the gaming industry. There is huge demand for cheats. There were even cheat books printed on paper...

The different types of cheats (on PC)

There are different types of cheats in PC gaming. Following is a noncomplete list of these cheats:

Cheat codes

The good old IDDQD type of cheats. These are left in the game by the developers intentionally. Nothing interesting here.

Edit memory

This is my favorite. I will talk about this at the end of the post. Whenever a user launches a new program, the program's whole memory is accessible (read/write) to every other program launched by the user. And since the memory stores the current game state (health, ammo, armor, etc.), these values can be changed easily. In the good old times, there were POKE commands to do this cheats, and the memory address to write into was published by people who found where the game stores the most critical states about the game.

Code injection

This is like patching the game code. For example, one can change the "DEC (pointer to your current health)" instruction with NOP (do nothing), thus becoming invincible. In multi-player cheats, there is the aimbot to help you aim at enemies, wallhack to see through the wall, increase hitbox of the enemy for smoother hit, or in MMORPGs, one can write macros to collect items while the player is not online. I would say the so-called "trainers" more or less fit into this category and the previous one.

Saved game editor

The first time a kid meets a hex-editor (just like the co-author of this blog did with SIM City when he was 10 years old - David). It can teach a lot about file structures, the hexadecimal numeral system, etc. Fun times. 

Hacking game server

Not very common, but even more fun. Warning: endless trolling possibilities in multi-player games ahead :) How to hack a game server? Well, I think this might deserve another full blog post ...

Network traffic hacking

One last necessary type of cheating is to modify network traffic between the client and the game server. AFAIK SSL is not universal in gaming, so stunnel is not needed for this hack, but ettercap can help in changing the communication.

Why cheating becomes more critical (and challenging)?

Now in the age of in-app-payments, the game creators are no longer thinking about cheats as funny things but something to be destroyed to the ground. Because cheating decreases its revenue. Or not. At least they think it does. To quote Wikipedia here, "cheating in such games is nonetheless a legal grey area because there are no laws against modifying software which is already owned, as detailed in the Digital Millennium Copyright Act." 

A lot of online games include anti-cheating components like PunkBuster, nProtect GameGuard, or Valve Anti-Cheat. This whole cheating/anti-cheating industry is the same as the virus/anti-virus industry. A cat and mouse game.

Freemium games

If you have not played with "freemium" games, you should watch South Park season 18, episode 6. - "Freemium Isn't Free." If you did play with freemium games, you definitely have to watch it :) There are many problems with freemium games. It is free to install, free to play. The first 3-4 hours might be fun to play. But after that, it turns out it is impossible to advance in the game without paying money for it. And by spending cash, I mean spending a LOT! Let's have a look at today's example, an arcade racing video game.

For 99.99 USD, you can get 3 000 000 credit. For almost double the price of a new PC game, you can get these credits. In this particular game, I estimate one have to play ~6-24 hours constantly to get this amount of credit. But by playing ~6 hours, I mean 6 hours without progress in the game! Kind of boring. And what do you get from 3 000 000 credit? You can buy one of the most expensive cars, but can't tune them fully. You have to play more (without progress) or buy more. But guess what, there are more cars you can't buy by only playing the game. Those are only available via in-app-purchase.

Even though the player has 58 765 533 credits, it is not possible to buy this car. Only available through real money.

So, what are your possibilities? You are either Richie Rich, and can afford the money to buy these. Or you can be insane, and try to play the game without in-app-purchase. Or give up the game and try another freemium ... Or, you can try to hack the game!

Hack all the freemium games!

Although I was not playing this racing game from day one, I was able to witness the evolution of the cheats against this game. The cheats which worked in one day was not working one month later. The game is continuously updated to defeat the newly published cheats.

Noob start

So, I want to hack this game, what is the first thing a noob like me does? Bing it! Google it! 

From the first page result, let's check this tool:

While trying to download that, I just have to give my email address to spammers, or my mobile number will be subscribed to premium rate text messages. What fun.

Another "cheat" program will install malware/adware on your computer. Never ever try these programs. They are fake 99% of the time and after installing those you will have another problem, not just how to hack freemium games.

Beginners start - Cheat engine

When I first heard about hacking games in memory, I visualized hours of OllyDBG/ImmunityDBG/(insert your favorite Windows debugger here). It turned out, there are some specialized tools to help you with cheating the game. No assembly knowledge required. My favourite tool is CheatEngine. I highly recommend to download it and spend 10 minutes to get past the built-in tutorial levels to get a feeling about this tool. It's super duper awesome.

When I first tried to hack this game myself, I scanned the memory for my actual credit and tried to change that, no luck. Keep reading, you will see what happened.

The second cheat I tried with cheat engine was something like this: 

1. Start the game, play the first level, and check how many credits is paid for winning the race. Pro tip: use dual display for full-screen game cheating.
2. Restart the same level, attach Cheat Engine to the game's process
3. Scan the memory for the same value at the beginning of the race
4. Scan the memory for the same value at the end of the game. The intersect of the first and second scan includes the real value where the credit is stored for winning the race.
5. Change the values (both the real one and some false positives) to something big
6. Watch the game to crash
7. Be amazed at the money you received

Nowadays, most of the cheats on YouTube does not work. Except for these kind of cheats. I don't want to recreate that tutorial, so you should watch it first then come back.

Are you back? Great. Do you have any idea what have you just seen? No? Well, in this case, don't try this at home. Copy-pasting assembly code from random internet posts and running on your computer is always a bad idea. It is precisely as risky as downloading free programs from random internet sites.

Although I have not seen people trolling others with this cheat engine type of shellcode, I think the time will come when these will be turned into something terrible. These shellcodes might work, or might harm your computer. The good news is, we can have a look at the code and analyze it. 

When you open CheatEngine and try to define a new custom type, you are greeted with a skeleton assembly code. I don't want to detail what all the skeleton code does, let's just focus on the difference between the skeleton code and the code used in the video. This is the "decrypt function":

xor eax, 0baadf00d rol eax, 0e 

What does it mean? The actual credit is encrypted in memory. If you want to scan it in memory, you won't be able to find it. But! The encryption is rotating the value to the right (ROR) with 0xE (14 in decimal), and after that, it is XOR-ed with 0xbaadf00d. Decrypting it is the inverse of the functions in reverse order (in this particular case, the order does not matter, but that's not the point). The inverse function of XOR is XOR, and the inverse function of ROR (rotate right) is ROL (rotate left). Now that we analyzed the assembly code, we can be sure that it is safe to execute. Just follow the video and see your coins falling from the sky. For free. In a freemium game. Have fun!

Encrypt memory - applications at financial institutions

Another exciting thing is that I don't recall any thick client applications in the financial industry encrypting the values in memory. And I agree, there are more significant problems with thick client applications than not encrypting the essential values in memory. But still, some thick client applications are regularly updated, maintained. Maybe it is a good idea to encrypt the values in memory. It will make attackers' life harder. Not impossible, but harder. Perhaps the developers of these applications should learn from the gaming industry (or from malware developers for that matter) because it is a shame that an arcade racing game or an FPS is protected better than an application responsible for transacting millions of dollars. Just think about the RAM scraping malware stealing millions of credit card data ...

Moral of the story

Cheating is part of the gaming history, and the freemium games are trying to take away the cheats from the gamers because they want money. Thanks to CheatEngine and some clever hacks, these programs can be still beaten. And guess what, there is CheatEngine for Android - although it did not work for me on the latest Android. And sometimes, hacking all kinds of applications can be more comfortable with CheatEngine, compared to traditional debuggers.

Also, always check the code before executing it! And when you find something cool, publish it, so everyone could enjoy the games!

More articles

1. Pentest Tools Subdomain
2. Pentest Tools For Ubuntu
3. Hacker Tools For Pc
4. Best Pentesting Tools 2018
5. Hacking Tools Download
6. Hacking Tools For Beginners
7. Hacking Tools Online
8. Hack Tools Mac
9. Pentest Tools Bluekeep
10. Hack Tool Apk
11. Hacking Tools For Windows Free Download
12. Hack Tools Mac
13. Hacking Tools For Pc
14. Best Pentesting Tools 2018
15. Pentest Recon Tools
16. Hacker Tools
17. Hacking Tools
18. Hack Tools For Games
19. Hacker Tool Kit
20. Hacker Tools For Mac
21. Hack Tools Mac
22. Hacker Tools Mac
23. Hack Tools For Pc
24. Hack Tools Github
25. Pentest Tools Review
26. Nsa Hack Tools
27. Easy Hack Tools
28. Easy Hack Tools
29. Pentest Tools Open Source
30. Nsa Hacker Tools
31. Pentest Tools
32. Hack App
33. Pentest Tools Kali Linux
34. Pentest Tools
35. Hacker Tools Windows
36. Hacker Tools Online
37. Hacker Tools Mac
38. Hacker Tools Github
39. Hacker Tools Hardware
40. Hack Tool Apk No Root
41. Pentest Box Tools Download
42. Pentest Tools
43. Hacker Tools For Windows
44. Hacking Tools Free Download
45. Termux Hacking Tools 2019
46. Hacker Tools Windows
47. Pentest Reporting Tools
48. Top Pentest Tools
49. Hacking App
50. Hacker Tools 2020
51. Hack Tools For Pc
52. Best Hacking Tools 2020
53. Hacking Tools Free Download
54. Hacking Tools
55. What Is Hacking Tools
56. Hacker Tools Apk Download
57. What Are Hacking Tools
58. Pentest Tools Linux
59. Pentest Tools Nmap
60. Hacking Tools For Pc
61. Best Hacking Tools 2020
62. Hacking Tools For Windows 7
63. Termux Hacking Tools 2019
64. Hacking Tools
65. Computer Hacker
66. Hack Rom Tools
67. Pentest Tools Android
68. Hack Tools Pc
69. Pentest Tools Kali Linux
70. Github Hacking Tools
71. Hacking Tools For Windows Free Download
72. Growth Hacker Tools
73. Hacking Apps
74. Nsa Hack Tools Download
75. Hacking Tools Github
76. Hacking App
77. Hack Tool Apk
78. Hacking Tools For Beginners
79. How To Make Hacking Tools
80. What Are Hacking Tools
81. Hacker Tools 2020
82. Pentest Tools Windows
83. Pentest Recon Tools
84. Pentest Tools Find Subdomains
85. Hacking Tools For Windows
86. Hacking Tools And Software
87. Pentest Tools Github
88. Computer Hacker
89. Hack Tools For Windows
90. Hak5 Tools
91. Hacker Search Tools
92. Hacking Tools For Beginners
93. Hack Tool Apk
94. Hacker Hardware Tools
95. Hacking Tools Usb
96. Install Pentest Tools Ubuntu
97. Top Pentest Tools
98. Pentest Tools For Mac
99. How To Install Pentest Tools In Ubuntu
100. How To Hack
101. Hacker Tools Free
102. Pentest Tools Linux
103. Hacking App
104. Hacker Techniques Tools And Incident Handling
105. Game Hacking
106. Hacker Tools Mac
107. Growth Hacker Tools
108. Tools 4 Hack
109. Pentest Reporting Tools
110. Hack Tools For Pc
111. Github Hacking Tools
112. Hacking Tools Kit
113. Hack Tools
114. Hacker Techniques Tools And Incident Handling
115. Hacking App
116. Hacking Tools 2019
117. Pentest Tools For Windows
118. Pentest Reporting Tools
119. Hacker Techniques Tools And Incident Handling
120. Hack Tools Download
121. Hackers Toolbox
122. Hacker Tools Software
123. Black Hat Hacker Tools
124. Hack Rom Tools
125. Bluetooth Hacking Tools Kali
126. Hacking Tools 2019
127. New Hacker Tools

Real World Social Engineering - Turning Life Into A Penetration Test Or One Hell Of An Adventure

In this video you will learn all the things they never told on how to become a badass social engineer..  Instead of wasting time learning sneaky tactics to "Engineer" the outcome.. We focus on the part which is always left out when teaching social engineering..  the "Social" part..  

With the social part working correctly, the engineering part becomes seamless and easy to pull off without feeling forced. 

Continue reading

1. Hacking Tools For Windows 7
2. Underground Hacker Sites
3. Hacking Tools For Kali Linux
4. Hack Tools
5. How To Hack
6. Pentest Tools For Windows
7. Hackers Toolbox
8. Hacking Tools Pc
9. Pentest Automation Tools
10. Hacking Tools Online
11. Top Pentest Tools
12. Pentest Recon Tools
13. Bluetooth Hacking Tools Kali
14. Hack Tools Online
15. Hacking Tools 2020
16. Hacker Tools
17. Pentest Tools Free
18. Hacker Tools For Windows
19. Hacker Tools Linux
20. Termux Hacking Tools 2019
21. Hacker Tools List
22. Pentest Tools Website Vulnerability
23. Hacker Tools List
24. Hacker Search Tools
25. Pentest Tools Open Source
26. Hacking Tools 2019
27. Hacking Tools For Kali Linux
28. Hacker Tools Github
29. Beginner Hacker Tools
30. Hacker Tools Hardware
31. Pentest Tools For Windows
32. Hacker Tool Kit
33. Hacker Tools Github
34. Android Hack Tools Github
35. Usb Pentest Tools
36. Hack Tools Download
37. Hack Rom Tools
38. Pentest Tools Free
39. Pentest Tools For Ubuntu
40. Tools 4 Hack
41. Hack Tools 2019
42. Hacker Tools Mac
43. World No 1 Hacker Software
44. Hack App
45. Hacking Tools Windows 10
46. Pentest Recon Tools
47. Hacking Tools Mac
48. Tools 4 Hack
49. Pentest Tools Windows
50. Pentest Tools Free
51. Hacker
52. Hacking Tools For Windows Free Download
53. Hacker Techniques Tools And Incident Handling
54. Hacking Tools For Pc
55. New Hack Tools
56. Pentest Recon Tools
57. Hacking Tools For Kali Linux
58. Best Pentesting Tools 2018
59. Hack Tool Apk
60. Hacker Tools Apk
61. Usb Pentest Tools
62. Free Pentest Tools For Windows
63. How To Install Pentest Tools In Ubuntu
64. Wifi Hacker Tools For Windows
65. Pentest Tools Open Source
66. Hack Website Online Tool
67. Hacker Tool Kit
68. Hacking Tools For Windows 7
69. Hack Tool Apk
70. Growth Hacker Tools
71. Hacking Tools For Windows
72. Hacker Tool Kit
73. Pentest Tools Nmap
74. Hack Apps
75. Hacking Tools And Software
76. Hack Tools Download
77. Easy Hack Tools
78. Hacking Tools Name
79. Hacker Tools For Mac
80. Hacker Tools Apk
81. Black Hat Hacker Tools
82. Hacking Tools For Mac
83. Pentest Tools Kali Linux
84. Pentest Tools For Ubuntu
85. Blackhat Hacker Tools
86. Android Hack Tools Github
87. Ethical Hacker Tools
88. Hack Tools For Mac
89. Hacks And Tools
90. Blackhat Hacker Tools
91. Android Hack Tools Github
92. New Hacker Tools
93. How To Hack
94. Hack Tool Apk No Root
95. Hacker Tools Free Download
96. Pentest Tools Kali Linux
97. Pentest Tools Port Scanner
98. Ethical Hacker Tools
99. Hack Tools For Mac
100. What Is Hacking Tools
101. Pentest Tools Tcp Port Scanner
102. Nsa Hacker Tools
103. Pentest Tools Website Vulnerability
104. Hacker Tools Linux
105. Hacking Tools Windows 10
106. Hacker Tools
107. Hacker Security Tools
108. Hacking Tools 2019
109. Hack Tools For Windows
110. Hacker Techniques Tools And Incident Handling
111. What Are Hacking Tools
112. Hacker Tools Software
113. Hacking Tools Hardware
114. Hacker Tools Hardware
115. How To Hack
116. Hack Tools
117. Hacking Tools For Mac
118. Hacker Tools Github
119. Pentest Tools Url Fuzzer
120. Pentest Tools Open Source
121. Hack Website Online Tool
122. Termux Hacking Tools 2019

July 2019 Connector

*|MC_PREVIEW_TEXT|*

OWASP Connector   July 2019 Communications | Projects | Events | Community | Membership COMMUNICATIONS Letter from the Vice-Chairman: Since the last Connector, the Foundation has seen an extremely positive response to hosting a Global AppSec conference in Tel Aviv. The event was well attended with great speakers and training, furthering our mission to improving software security on a global level. Next up we have a Global AppSec conference in both Amsterdam and Washington DC. We have migrated away from the regional naming convention so in previous years these events would have been Europe and US. Planning for both events is well underway with some excellent keynotes being lined up. We hope you can join us at these conferences. As part of our community outreach, the Board and volunteers will be at BlackHat and DEFCON in Las Vegas next month. The Board will have a two-day workshop two days before the conference, but during the conference will look to talk to and collaborate with as many of the community as possible. We are really looking forward to this. It is that time of the year again, the global Board of Directors nominations are now open. There are four seats up for re-election: mine (Owen), Ofer, Sherif, and Chenxi. I would ask those who would like to help drive the strategic direction of the Foundation to step forward. If you are not interested in running, why not submit questions to those who are running. Recently the Executive Director has put forward a new initiative to change the way in which we utilize our funds in achieving our mission. The aim here is to have one pot of money where there will be fewer restrictions to chapter expenses. Funds will be provided to all, albeit as long as they are reasonable. The Board sees this as a positive step in our community outreach. Finally, I would like to ask those who are interested in supporting the Foundation, reach out to each Board member about assisting in  one of the following strategic goals, as set out by the board at the start of the year: Marketing the OWASP brand  Membership benefits Developer outreach Improve benefits  Decrease the possibility of OWASP losing relevance Reaching out to management and Risk levels Increase involvement in new tech/ ways of doing things – dev-ops Project focus  Get Universities involved Practicum sponsored ideas Internships  Improve finances Improve OWASP/ Board of Directors Perception Process improvement Get consistent Executive Director support Community empowerment Thanks and best wishes, Owen Pendlebury, Vice Chair   DC Registration Now Open                 Sponsorship Available - Registration Opens Soon UPDATE FROM THE EXECUTIVE DIRECTOR: Change: If we change nothing, how could we expect to be in a different place a year from now? It has been truly a pleasure these first six months as your Interim Executive Director and I look forward to many years to come. Everyone has done a great job helping me see our opportunities and challenges. And the challenges are real - both internally and our position in the infosec community. I'm biased toward action. My first task has been to redesign and optimize our operations. This will help staff to be more responsive while also saving the funds donated to the Foundation for our work on projects and chapters. This will also mean changes for you too. Communities work better when everyone always assumes we are all operating with the best of intentions. I can assure you that is the case of our Board, leaders, and staff. Evaluate our changes through this view and we'll save time and our collective sanity. One big project that is coming to life is our new website. We will soon be entering our 20th year and we needed to not just refresh the look but completely retool it for the next 20 years. We are rebuilding it from the ground up and we can't wait to share our progress. Over the next month or so we will be sharing more information on that project. Stay tuned! Mike McCamon, Interim Executive Director OWASP FOUNDATION UPDATE FROM EVENTS DIRECTOR: OWASP is pleased to announce our newest staff member, Sibah Poede will be joining us as the Events Coordinator and will begin full-time on 1 July. Sibah is a graduate of London South Bank University where she received a BA (Hons) Marketing Management. Prior to that, she gained a diploma in Market & Economics at the Copenhagen Business School, Neil's Brock, Denmark. After graduation, she launched her career in London working with Hilton International hotels at the Conference and Events department. She eventually moved on to work with Kaplan International Colleges in the marketing department. Later, she joined Polyglobe Group, and then Uniglobe within the travel sector, where she was involved in global exhibitions and events, account management and sales. She has lived in Denmark, Nigeria, Switzerland, and currently lives in London. In her spare time, she enjoys traveling and learning new cultures. She is also part of the Soup Kitchen Muswell Hill, a charity organization involved in feeding the homeless. Please join us in welcoming Sibah to the team. Emily Berman Events Director As many of you are aware, the OWASP Foundation has a Meetup Pro account.  We are requesting that all Chapters, Projects, Committees, and any other OWASP Meetup pages be transferred to the OWASP Foundation account. OWASP Foundation will be the Organizer of the Group and all Leaders/Administrators will be Co-Organizers with the same edit rights.   Once the Meetup page is transferred to our account, the Foundation will be funding the cost of the Meetup page.  If you do not want to continue being charged for your Meetup subscription account, you should then cancel it. Thereafter no Chapter, Project, etc. will be billed for Meetup.  Going forward the Foundation will no longer approve any reimbursement requests for Meetup.   For instructions on how to move your Meetup group to the OWASP Foundation account please see https://www.owasp.org/index.php/OWASP_Meetup_Information OWASP Members visit our website for $200 savings on Briefing passes for BlackHat USA 2019. EVENTS  You may also be interested in one of our other affiliated events: REGIONAL AND LOCAL EVENTS Event Date Location OWASP Auckland Training Day 2019 August 10, 2019 Auckland, New Zealand OWASP security.ac.nc-Wellington Day 2019 August 24, 2019 Wellington , New Zealand OWASP Portland Training Day September 25, 2019 Portland, OR OWASP Italy Day Udine 2019 September 27, 2019 Udine, Italy OWASP Portland Day October 16,2019 Wroclaw, Poland BASC 2019 (Boston Application Security Conference) October 19,2019 Burlington, MA LASCON X October 24-25,2019 Austin, TX OWASP AppSec Day 2019 Oct 30 - Nov 1, 2019 Melbourne, Australia German OWASP Day 2019 December 9-10, 2019 Karlsruhe, Germany PARTNER AND PROMOTIONAL EVENTS Event Date Location BlackHat USA 2019 August 3-8,2019 Las Vegas, Nevada DefCon 27 August 8-11,2019 Las Vegas, Nevada it-sa-IT Security Expo and Congress October 8-10, 2019 Germany PROJECTS Project Reviews from Global AppSec Tel Aviv 2019 are still being worked on.  Thank you to the reviewers that helped with it.  If you have time to help finalize the reviews, please contact me (harold.blankenship@owasp.com) and let me know. We continue to push forward with Google Summer of Code.  First and student evaluations are past and we are in our third work period.  Final evaluations are due 19th August! The Project Showcase at Global AppSec DC 2019 is shaping up to be a fantastic track.  Please note the following schedule.     Schedule Time Thursday, September 12 10:30 Secure Medical Device Deployment Standard Christopher Frenz 11:30 Secure Coding Dojo Paul Ionescu 1:00 p.m. Lunch Break 15:30 API Security Project Erez Yalon 16:30 Defect Dojo Matt Tesauro Time Friday, September 13 10:30 Dependency Check Jeremy Long 11:30 SAMM John Ellingsworth, Hardik Parekh 1:00 p.m. Lunch Break 15:30 SEDATED Dennis Kennedy 16:30 <open>   New Release of ESAPI # 2.2.0.0:  On June 25, a new ESAPI release, the first in over 3 years, was uploaded to Maven Central. The release # is 2.2.0.0. The release includes over 100 closed GitHub Issues and over 2600 additional unit tests. For more details, see the release notes at: https://github.com/ESAPI/esapi-java-legacy/blob/esapi-2.2.0.0/documentation/esapi4java-core-2.2.0.0-release-notes.txt A special shout out to project co-leader Matt Seil, and major contributors Jeremiah Stacey and Dave Wichers for their ongoing invaluable assistance in this effort. -- Kevin Wall, ESAPI project co-lead OWASP ESAPI wiki page and the GitHub project page. COMMUNITY   Welcome New OWASP Chapters Indore, India Panama City, Panama Medellin, Colombia Cartagena, Colombia Aarhus, Denmark Dhaka, Bangladesh Edmonton, Canada Lincoln, Nebraska Sanaa, Yemen Noida, India Mumbai, India MEMBERSHIP   We would like to welcome the following Premier and Contributor Corporate Members.  Contributor Corporate Members Join us Donate Our mailing address is: OWASP Foundation 1200-C Agora Drive, # 232 Bel Air, MD 21014   Contact Us Unsubscribe

This email was sent to *|EMAIL|* why did I get this?    unsubscribe from this list    update subscription preferences *|LIST:ADDRESSLINE|*