#1 - Hacking videos:

date title
2014-03-29 [ScreenCast] CodeFest 2014 - pentesting client/server API (sha1 padding & xxe demo) [watch]
2014-03-29 [Public talk] CodeFest 2014 - pentesting client/server API [watch]
2013-09-17 [ScreenCast] WordPress - From XSS to RCE. Google service (Waze) [watch]
2013-09-06 [ScreenCast] Any.DO 0day exploitaion with mosquito tool (gmail 2-steps auth acc hijacking) [watch]
2013-08-03 [CTF] DEFCON 20 Documentary Full Version (we are on 02:08 :D) [watch]
2013-02-25 [ScreenCast] DroidSheep ARP-spoof demo & Fing + routerpwn.com d-link dir 320 hacking [watch]
2012-08-04 [CTF, TV news] Small video about DEF CON CTF FINAL 20 [watch]
2012-03-31 [ScreenCast] Demo video for CodeFest 2012 [watch]
2012-03-31 [Public talk] CodeFest 2012 - Pentest on Steroids. Automate Process [watch]
2012-03-01 [ScreenCast] Welcome video for CodeFest 2012 [watch]
2011-10-22 [Training] Open InfoSec Days (lesson 5 - Reverse Engineering + fuzzing) [watch]
2011-10-15 [Training] Open InfoSec Days (lesson 4 - SQL injection) [watch]
2011-10-01 [Training] Open InfoSec Days (lesson 3 - File Inclusion) [watch]
2011-09-24 [Training] Open InfoSec Days (lesson 2 - CSRF) [watch]
2011-09-17 [Training] Open InfoSec Days (news) [watch]
2011-09-17 [Training] Open InfoSec Days (lesson 1 - XSS) [watch]

#2 - Security related articles in web:

date title
2014-04-09 BlackBox pestesting of API services [link]
2014-03-19 Practice and experience of D(DOS) attack testing [link]
2014-03-02 Hacking banks systems [link]
2014-01-26 Tricks while analyzing web applications for security holes [link]
2014-01-14 Results of research of authentication methods and some mechanisms for protection against web attacks on Google, VK and others [link]
2013-12-30 2013 0day* vulnerabilities on ICQ, Ebay, Forbes, PayPal and AVG [link]
2013-12-26 ZeroNights'2013 - conference report [link]
2013-10-31 Favorites: Links to IT security sites [link]
2013-10-29 BugsCollector.com - all security bugs on websites at one place [link]
2013-10-20 Howto execute javascript in Google, Facebook, VKontakte iOS application [link]
2013-10-10 Pentesting WordPress without pentesting skills [link]
2013-09-26 6 XSS on harbahabr.ru and about HTTPOnly, CSRF protection, XSS via POST and Cookie Injection [link]
2013-09-18 WordPress - insecure from the box: get Remote Command Execution with editor rights. Hacking Google's service - Waze [link]
2013-09-06 0day in Any.DO Chrome Externsion: Bypassing gmail 2 steps auth via XSS [link]
2013-08-23 Reversing private exploit by video: sending messages on FaceBook from any to any user (via SMTP spoofing) [link]
2013-08-12 Chaos Construction 2013: CTF review-writeup [link]
2013-06-03 Howto to create security department from zero [link]
2013-02-25 Way howto create really secure web-site. Part 3 - office, employees [guide] [link]
2013-02-21 Way howto create really secure web-site. Part 2 - developing process [guide] [link]
2013-02-09 Way howto create really secure web-site. Part 1 - configuration of server software [guide] [link]
2013-02-01 Phishing user's with data (photo, name, surname) from VKontakte, FaceBook [link]
2013-01-23 Mass scan (alexa top) for AXFR DNS queries [link]
2012-10-29 Security Reverse Engineering of vk.com (XSS,anti-csrf tokens algo, etc) [link]
2012-08-04 Review of DEF CON CTF and conference. Experience, tasks, photos [link]
2012-04-10 Pentest on steroids. Automate the process (CodeFest'2012 talk) [link]
2012-04-09 Tools for reverse engineering and binary exploiting [link]
2012-03-16 Ways how to hack application on Zend Framework via sql injection (cheatsheet) [link]
2012-01-28 Hacking "Skolkovo" university and "neighboring" sites [link]
2012-01-05 Review of of free tools for auditing web-resources and not only v2 [link]
2011-08-05 Review of vulnerabilities in web applications, as well as the most common mistakes developers [link]
2011-08-01 "BlackBox" pentesting [link]
2011-07-30 Review of of free tools for auditing web-resources and not only [link]
2011-03-14 Reverse engineering: tvali.ge [link]

#3 - Security related articles in paper magazines

date title
2014-05 [Xakep magazine] - Review of new hacking tools for last month (w/ @D1g1) [pdf]
2014-01 [Xakep magazine] - World of Warcraft: how free servers were hacked [pdf]
2014-01 [Xakep magazine] - Top 5 bugs for last year [pdf]
2014-01 [Xakep magazine] - ZeroNights 0x03: how it was [pdf]
2013-11 [Xakep magazine] - Hacking via Chrome extensions [pdf]
2013-03 [Xakep magazine] - Review of new exploits for last month [pdf]
2013-02 [Xakep magazine] - Review of new exploits for last month [pdf]
2013-01 [Xakep magazine] - Review of new exploits for last month [pdf]

#4 - Public talks

date title
Soon talks
2014-12-06 [OWASP, Moscow] Web security tips & tricks: advanced version [link]
Past talks
2-3 August 2014 [BlackHat USA, Las Vegas] Enterprise Business Application Security: Attack and Defense [link]
2014-06-24 [Hack in Paris, Paris] Enterprise Business Application Security: Attack and Defense [link]
2014-04-15 [RIT++, Moscow] The modern practice of static security analysis of source code in web application [link]
2014-03-29 [CodeFest, Novosibirsk] BlackBox pentesting of API services [link]
2014-02-19 [Information security of banks, Magnitogorsk] [link]
2013-11-08 [ZeroNights 0x03, Moscow] NGinx warhead [link]
2013-10-23 [Information Secutity Russia, Moscow] Hacking big companies: real attack demo [link]
2012-03-31 [CodeFest, Novosibirsk] Pentest on Steroids [link]
2011-2013 [Bitworks, Tomsk] Lessons about websecurity for employees of Bitworks Company
Sep-Nov 2011 [Open InfoSec Days, Tomsk] - free lessons for everyone about websecurity [blogpost], [offical site]