Skip to content ↓ | Skip to navigation ↓

Tripwire announced that Ken Westin and Craig Young, security researchers at Tripwire, will each be presenting at Security BSides San Francisco 2014 (BSidesSF), taking place February 23-24, 2014, at the DNA Lounge in San Francisco, California.

Westin has spent the past year analyzing security vulnerabilities in Telmex’s Prodigy email system, a free online Internet access service with more than 90 percent market share in Mexico. In this presentation he will discuss a vulnerability that allowed anyone to access Telmex email accounts – many of which were indexed by Google. Despite having alerted a local Mexican newspaper, his discovery was not widely publicized, but did reach online audiences.

Join Westin as he discusses the details of the vulnerability, how he discovered it and why the finding was not made available to Mexican consumers.

Details of Westin’s Presentation:

Session Title:  “Telmex Email Security Hole – My Email Was Indexed by Google!”
When: February 23, 2014, 11:00 a.m. – 12:00 p.m.
Where: BSidesSF 2014, DNA Lounge, 375 Eleventh Street, San Francisco, CA.

In 2013, Young’s security research resulted in the assignment of four to six Common Vulnerabilities and Exposures (CVE) each month. Young’s research included web vulnerabilities, such as command-injection and SQLi, and he also discovered multiple application vulnerabilities, including memory corruption and logic errors.

Join Young as he discusses the tips and tricks that participants can use to locate unknown vulnerabilities without the use of commercial analysis tools. Young will also discuss his experiences working with vendors and developers to harden their products.

Details of Young’s Presentation:

Session Title:  “A Day in the Life (Of a Security Researcher)”
When: February 23, 2014, 2:00 p.m. – 3:00 p.m.
Where: BSidesSF 2014, DNA Lounge, 375 Eleventh Street, San Francisco, CA.

About Security BSides: Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time.

It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.