Vulnerabilities / Threats

7/1/2013
04:53 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Kaspersky Lab Names Winners Of “Cybersecurity For The Next Generation 2013”

Winning project looked at protection for e-payment and e-identity data

Woburn, MA – July 1, 2013 - Kaspersky Lab today announced the winners of its global education project "CyberSecurity for the Next Generation 2013". Following the 2013 finals at Royal Holloway, University of London the prizes went to: Firman Azhari from the Bandung Institute of Technology, Indonesia (1st place); Dusan Repel from the University of Plymouth, UK (2nd place); and Iwan Gulenko from the Technical University of Munich, Germany (3rd place).

The three winners emerged from a pool of 14 which battled through regional heats in North America, South America, Asia, Europe, and Russia & the CIS to reach the final competition which was held from June 24-27. In all, 10 different countries were represented in the finals at Royal Holloway, where the students' papers were assessed by a program committee of Kaspersky Lab experts, IT security professors and decision-makers from the IT industry.

The winning project, "Detection of Security Vulnerability in Indonesian Near Field Communication (NFC) Applications," by Firman Azhari, looked at protection for e-payment and e-identity data. The project analyzed the security levels of NFC cards and proposed a solution to manage security problems – from detection to prevention – using a mobile application called "NFC Inspector" and a small portable device for analyzing NFC systems called "AZlyzer".

Cybersecurity for the Next Generation is the flagship of Kaspersky Lab's efforts to seek, support and educate talented young people from all over the globe as they set out on a career in IT security. These conferences take place in major universities all over the world and involve student competitions, learning sessions, lectures by globally renowned experts, games and socializing.

For more information on Kaspersky Lab's Cybersecurity for the Next Generation, please visit the events page.

Quotes

Firman Azhari, First Place Winner

Bandung Institute of Technology, Indonesia

"I am so happy to receive this award! I have worked hard on the project, and I'm happy that the program committee thought so highly of it. This conference has been a really a great opportunity, and it makes me more determined than ever to continue my studies and build a career in IT security!"

Veniamin Ginodman

Head of Education Programs

Kasperksy Lab

"Cyber threats are evolving at high speed and unfortunately it doesn't look like there will be any let up in cybercriminal activity. Against this background it is vital to provide the younger generation with the benefits of a high-quality IT education. We would like every young specialist in any field to understand the importance of IT security. At the same time we want to see young IT professionals understand the overall situation in the cyber world and be trained to combat all the threats. Initiatives like CyberSecurity for the Next Generation are helping us to achieve these goals."

About Kaspersky Lab

Kaspersky Lab is the world's largest privately held vendor of endpoint protection solutions. The company is ranked among the world's top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11763
PUBLISHED: 2018-09-25
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.
CVE-2018-14634
PUBLISHED: 2018-09-25
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerabl...
CVE-2018-1664
PUBLISHED: 2018-09-25
IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 echoing of AMP management interface authorization headers exposes login credentials in browser cache. ...
CVE-2018-1669
PUBLISHED: 2018-09-25
IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote atta...
CVE-2018-1539
PUBLISHED: 2018-09-25
IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6 could allow remote attackers to bypass authentication via a direct request or forced browsing to a page other than URL intended. IBM X-Force ID: 142561.