Risk
9/18/2013
10:50 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

World's Biggest Hacking Competition Launches Thursday At NYU-Poly

Nearly 1,000 teams, from Australia to Zimbabwe, have already registered for the preliminary round of the competition

Brooklyn, N.Y.--The Brooklyn campus of the Polytechnic Institute of New York University (NYU-Poly) will be the nerve center this week for the world's biggest hacking competition, as more than 10,000 participants from across the world compete in the preliminary round to find the best student teams for the tenth annual NYU-Poly Cyber Security Awareness Week (CSAW).

Nearly 1,000 teams, from Australia to Zimbabwe, have already registered for the preliminary round of the competition, which begins at 6 p.m. on Thursday, September 19, and will continue until 6 p.m. on Sunday, September 22. Organizers expect to exceed the record-breaking number of 1,357 teams that signed up last year and easily outpaced the perennial leader in the so-called Capture the Flag (CTF) software hacking competitions. They are designed to find and challenge the best emerging cyber security talent and to encourage students to pursue careers and fill the acute shortage of trained professionals in the field.

The NYU-Poly CSAW competition has earned a reputation for being accessible to beginners but challenging enough to attract even professionals. Like all the CSAW competitions, it is led by students, who work with renowned professionals to design the challenges and judge them. This week, the NYU-Poly CSAW CTF judges will be looking for top-scoring 10 teams of undergraduate students from the United States and Canada, who will receive expense-paid trips to New York to participate in the final round of the NYU-Poly CSAW on November 14-16, 2013. The CSAW winners will receive scholarships and cash prizes, network with world-known professionals and academics, attend seminars, and will be courted by top companies and institutions during a career fair.

CTF tests the application security skills of undergraduate students interested in computer security. Competitors mount attacks on vulnerable applications and solved offense challenges in their quest to earn the most points, or "flags." For the preliminary round, NYU-Poly's teams will gather on campus, but the vast majority of contestants will participate remotely.

The CTF is the centerpiece of NYU-Poly's CSAW competitions, which encompass a wide range of challenges and span an array of security issues. Last year, more than 13,000 students participated, ranging from high school students to PhDs from more than 500 institutions. CSAW attracts some of the best and youngest cyber security talent.

NYU-Poly was one of the first universities to introduce a cyber security program, and is designated as both a Center of Academic Excellence in Information Assurance Education and a Center of Academic Excellence in Research by the National Security Agency. The Sloan Consortium, an affiliation of educators and institutions dedicated to quality online education, named NYU-Poly's virtual graduate cyber security program the Outstanding Online Program of 2011. The Center for Interdisciplinary Studies in Security and Privacy (CRISSP), a cutting-edge research collaboration of NYU-Poly and other NYU schools, re-examines the entire cyber security paradigm to integrate technology with broader issues such as human psychology, business, public policies and law. CSAW is hosted by NYU-Poly's Information Systems and Security Laboratory (ISIS Lab).

For more information on the NYU-Poly CSAW, visit https://csaw.isis.poly.edu. To register for the CTF, visit https://ctf.isis.poly.edu.

The U.S. Department of Homeland Security is a gold sponsor of CSAW, and Facebook and Qualcomm provide support at the bronze level. To date, 19 companies have provided generous financial support for the educational goals of NYU-Poly's CSAW.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web