Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

7/1/2013
04:53 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Kaspersky Lab Names Winners Of “Cybersecurity For The Next Generation 2013”

Winning project looked at protection for e-payment and e-identity data

Woburn, MA – July 1, 2013 - Kaspersky Lab today announced the winners of its global education project "CyberSecurity for the Next Generation 2013". Following the 2013 finals at Royal Holloway, University of London the prizes went to: Firman Azhari from the Bandung Institute of Technology, Indonesia (1st place); Dusan Repel from the University of Plymouth, UK (2nd place); and Iwan Gulenko from the Technical University of Munich, Germany (3rd place).

The three winners emerged from a pool of 14 which battled through regional heats in North America, South America, Asia, Europe, and Russia & the CIS to reach the final competition which was held from June 24-27. In all, 10 different countries were represented in the finals at Royal Holloway, where the students' papers were assessed by a program committee of Kaspersky Lab experts, IT security professors and decision-makers from the IT industry.

The winning project, "Detection of Security Vulnerability in Indonesian Near Field Communication (NFC) Applications," by Firman Azhari, looked at protection for e-payment and e-identity data. The project analyzed the security levels of NFC cards and proposed a solution to manage security problems – from detection to prevention – using a mobile application called "NFC Inspector" and a small portable device for analyzing NFC systems called "AZlyzer".

Cybersecurity for the Next Generation is the flagship of Kaspersky Lab's efforts to seek, support and educate talented young people from all over the globe as they set out on a career in IT security. These conferences take place in major universities all over the world and involve student competitions, learning sessions, lectures by globally renowned experts, games and socializing.

For more information on Kaspersky Lab's Cybersecurity for the Next Generation, please visit the events page.

Quotes

Firman Azhari, First Place Winner

Bandung Institute of Technology, Indonesia

"I am so happy to receive this award! I have worked hard on the project, and I'm happy that the program committee thought so highly of it. This conference has been a really a great opportunity, and it makes me more determined than ever to continue my studies and build a career in IT security!"

Veniamin Ginodman

Head of Education Programs

Kasperksy Lab

"Cyber threats are evolving at high speed and unfortunately it doesn't look like there will be any let up in cybercriminal activity. Against this background it is vital to provide the younger generation with the benefits of a high-quality IT education. We would like every young specialist in any field to understand the importance of IT security. At the same time we want to see young IT professionals understand the overall situation in the cyber world and be trained to combat all the threats. Initiatives like CyberSecurity for the Next Generation are helping us to achieve these goals."

About Kaspersky Lab

Kaspersky Lab is the world's largest privately held vendor of endpoint protection solutions. The company is ranked among the world's top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-37759
PUBLISHED: 2021-07-31
A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
CVE-2021-37760
PUBLISHED: 2021-07-31
A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).
CVE-2020-26564
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file), and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey['importFil...
CVE-2020-26565
PUBLISHED: 2021-07-31
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data.
CVE-2020-26806
PUBLISHED: 2021-07-31
admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code.