Speaking of Trojan's..  just in case you missed it, here's a good example of an old one (PoisonIvy) which was modified to get around modern defenses, it seems. 

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,8095.msg43992/topicseen,1/#new

I have a camera hidden in my shirt (with a picture of James Bond) using the camera from thinkgeek if that counts. 

How is DefCon?  I've always heard that one is the most popular and everyone talks about it but is it worth the flight, hotel, food, etc.. to go to Vegas just for that?  It seems the cheapest place for me to fly to from here is Vegas.

Whoa!  That's quite a bit more advanced than it initially reads (just mentioning the PoisonIvy rat).  Man, I'd love to get my hands on their modified version and have a look.  Sounds like they did a good job of modifying it.

I'm jealous.. I'd love to have your job if it involves working with issues such as this one! 

Talk about an old trojan...  Can't believe this easily detected old trojan got through all of the ~50 companies defenses (if they had any)

http://www.eweek.com/c/a/Security/Nitro-CyberSpying-Campaign-Stole-Data-From-Chemical-Defense-Companies-863610/

I think I'm just living in a horrible place (location wise) for the conventions.  I'm as west as you can get in Canada. (Vancouver Island)  Way too expensive to fly to any of the cheap cons.  One year I may go to the cheapest place (Vegas) for DefCon as I've still never been there.

Filled out the survey but I had to say that I've never been to ANY event before.  (my company is also too cheap to send me anywhere and I have no money to pay out of pocket)

I actually haven't used it in a little while but here's a couple good sites with some syntax examples for mangling:
http://csfacwiki.cslabs.ewu.edu/wiki/securitylab/index.php/JohnTheRipper
http://www.openwall.com/john/doc/EXAMPLES.shtml

Hayabusa's right on the money.  There really is no "secure" place to use your laptop other than anyplace you turn off wifi and unplug your network cable.    I would have to say that it's more common to have your wireless devices "hacked" or the traffic sniffed outside of the home.  That's just what I've personally noticed though.

Yeah, no kidding!  Takes some big geek cojones to go after the Cartel.   

Sure hope it works out (for anonymous) but there's a better chance it'll end in death for at least one of their members (or their member's members) and loss of some anonymity for the Cartel.  How ironic.

Umm.. thanks Mike but I'll leave your goat milk for someone else's skin. 

My first pick would also be Skull Security.  I'd also recommend:
http://www.renderlab.net/projects/WPA-tables/
http://www.torrentz.com/178f55c67ca0f522831dbc67042a34983e6652f5
http://thepiratebay.org/torrent/4017231/
http://udayallala.blogspot.com/2011/03/cracking-passwords-4.html (a few in here are good from --=Xploitz=--)

If you're using JTR, I suggest you check out (if you don't know already) the --mangle option.
You probably already know this but I'll throw it out there... You could also make your own wordlist after gathering info, email addresses, names.  The company's password policy will give you alot of helpful information minimum password length, complexity, how often it changes, etc.

Have fun! :-)

Hey Guys.  I know many have forgotten about keyloggers and just went onto phishing/SE'ing but I also know there are many of us (myself included) who still use them often.  I've used them as hayabusa described by having an admin come over to my workstation to "help" me or have a look at something, punch in his/her admin creds and I've instantly got elevated credentials.  I also know of quite a few parents who use commercial keyloggers to monitor their kids whereas other parents feel it's an invasion of privacy.  

Anyway, after finding out just how popular they still are, I decided to make up a little vid about them.  A few people recommended one certain keylogger which I haven't used before.... turns out it's quite the nasty little rootkit as well.  (restored the OS and it keeps coming back.  having fun though trying to remove it) lol

Forgot to mention that while researching keyloggers, I ran into several websites (including AV and CERT sites) which all say in the last year or two that "keyloggers have pushed phishing out of first place as the most-used method in the theft of confidential information". 

http://www.pcworld.com/article/242843/anonymous_takes_on_mexican_drug_cartel.html
http://thenextweb.com/la/2011/10/29/how-anonymous-is-threatening-a-mexican-drug-cartel/

Seriously?!  Man, Anonymous vs the world soon...  The cartel is massive.. I wonder if Anonymous can even make a dent.  I do wish them the best of luck though!  Just thought I'd pass on the link.  Pretty interesting.   

I've heard good things about Sleuth Kit and Helix3.  That would sure save you a ton of time if you could just use one of those!