Risk

9/18/2013
10:50 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

World's Biggest Hacking Competition Launches Thursday At NYU-Poly

Nearly 1,000 teams, from Australia to Zimbabwe, have already registered for the preliminary round of the competition

Brooklyn, N.Y.--The Brooklyn campus of the Polytechnic Institute of New York University (NYU-Poly) will be the nerve center this week for the world's biggest hacking competition, as more than 10,000 participants from across the world compete in the preliminary round to find the best student teams for the tenth annual NYU-Poly Cyber Security Awareness Week (CSAW).

Nearly 1,000 teams, from Australia to Zimbabwe, have already registered for the preliminary round of the competition, which begins at 6 p.m. on Thursday, September 19, and will continue until 6 p.m. on Sunday, September 22. Organizers expect to exceed the record-breaking number of 1,357 teams that signed up last year and easily outpaced the perennial leader in the so-called Capture the Flag (CTF) software hacking competitions. They are designed to find and challenge the best emerging cyber security talent and to encourage students to pursue careers and fill the acute shortage of trained professionals in the field.

The NYU-Poly CSAW competition has earned a reputation for being accessible to beginners but challenging enough to attract even professionals. Like all the CSAW competitions, it is led by students, who work with renowned professionals to design the challenges and judge them. This week, the NYU-Poly CSAW CTF judges will be looking for top-scoring 10 teams of undergraduate students from the United States and Canada, who will receive expense-paid trips to New York to participate in the final round of the NYU-Poly CSAW on November 14-16, 2013. The CSAW winners will receive scholarships and cash prizes, network with world-known professionals and academics, attend seminars, and will be courted by top companies and institutions during a career fair.

CTF tests the application security skills of undergraduate students interested in computer security. Competitors mount attacks on vulnerable applications and solved offense challenges in their quest to earn the most points, or "flags." For the preliminary round, NYU-Poly's teams will gather on campus, but the vast majority of contestants will participate remotely.

The CTF is the centerpiece of NYU-Poly's CSAW competitions, which encompass a wide range of challenges and span an array of security issues. Last year, more than 13,000 students participated, ranging from high school students to PhDs from more than 500 institutions. CSAW attracts some of the best and youngest cyber security talent.

NYU-Poly was one of the first universities to introduce a cyber security program, and is designated as both a Center of Academic Excellence in Information Assurance Education and a Center of Academic Excellence in Research by the National Security Agency. The Sloan Consortium, an affiliation of educators and institutions dedicated to quality online education, named NYU-Poly's virtual graduate cyber security program the Outstanding Online Program of 2011. The Center for Interdisciplinary Studies in Security and Privacy (CRISSP), a cutting-edge research collaboration of NYU-Poly and other NYU schools, re-examines the entire cyber security paradigm to integrate technology with broader issues such as human psychology, business, public policies and law. CSAW is hosted by NYU-Poly's Information Systems and Security Laboratory (ISIS Lab).

For more information on the NYU-Poly CSAW, visit https://csaw.isis.poly.edu. To register for the CTF, visit https://ctf.isis.poly.edu.

The U.S. Department of Homeland Security is a gold sponsor of CSAW, and Facebook and Qualcomm provide support at the bronze level. To date, 19 companies have provided generous financial support for the educational goals of NYU-Poly's CSAW.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
SEC: Companies Must Disclose More Info on Cybersecurity Attacks & Risks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/22/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.