Training »

Registration »

Group »

Press »

Academic
Registration
Now Closed

Call for
Papers
»

event
resources
»

[ COMMUNITY ]

+ EMAIL
+ RSS
+ TWITTER
+ FACEBOOK
+ LINKED.IN

Black Hat DC 2011 //Press

Hyatt Regency Crystal City
training: jan.16 - 17 | briefings: jan.18 - 19

Mobile device makers react differently to attack info, researcher says

When a researcher at an ethical-hacking firm discovered mobile devices from Apple, Google, RIM and HTC had a flaw in them that would allow an attacker using malicious Web code to freeze them up and crash them, he contacted the companies last year. While RIM decided the problem needed to be patched in its BlackBerry devices and Apple worked on its iPhone and iPad, Google and HTC reportedly shrugged off the information that TEHTRI-Security supplied.

network world / Ellen Messmer : 19 January 2011


Lame Stuxnet worm 'full of errors', says security consultant

Far from being cyber-spy geniuses with ninja-like black-hat coding skills, the developers of Stuxnet made a number of mistakes that exposed their malware to earlier detection and meant the worm spread more widely than intended.

the register / John Leyden : 19 January 2011


Black Hat: Microsoft Donates Security Tools

Microsoft (NASDAQ: MSFT) quietly announced this week that it has released betas of three updated security testing tools, targeting security professionals and ISVs in an attempt to encourage development of less vulnerable software.

esecurityplanet / Stuart J. Johnston : 19 January 2011


Gaping security flaw exposed on anti-tamper devices

Security devices used in transportation, packaging and even in accounting for nuclear materials are very vulnerable to attack, two security researchers warned on Tuesday at the Black Hat security conference.

computerworld / Patrick Thibodeau : 18 January 2011


Inside Stuxnet: Why it Works and Why the U.S. Shouldn't Worry

Tom Parker, director of Security Consulting Services at security vendor Securicon, is taking a deeper look at the technology behind Stuxnext and is detailing his technical analysis of Stuxnet this week at the Black Hat security conference in Washington, D.C. Parker also has some suggestions as to the actual risks that Stuxnet poses and how to mitigate and defend against them.

esecurityplanet / Sean Michael Kerner : 18 January 2011


Researcher Hacks Smartphone Radio Chips

Research associate Ralf-Philipp Weinmann is to show how malicious mobile phone towers can be used to hack directly into a handset’s baseband processor, the chip used to send and receive radio signals.

eweekeurope / Matthew Broersma : 18 January 2011


Will electronic toll systems become terrorist targets?

The technology, commonly used for electronic toll collection, will someday be used for controlling traffic flow and warning drivers of highway dangers – a system that could be exploited if not implemented properly, says Rob Havelt, director of penetration testing at security vendor Trustwave's SpiderLabs, who will co-present a briefing called "Hacking the Fast Lane: Security Issues with 802.11p, DSRC and WAVE".

network world / Tim Greene : 18 January 2011


Researcher warns of 'Baseband Apocalypse'

A security researcher is warning that recent advances in open-source mobile base stations could leave smartphones vulnerable to attack over-the-air, exploiting vulnerabilities in the previously unreachable baseband processor.

thinq.co.uk / Gareth Halfacree : 17 January 2011


Coming Soon: A New Way to Hack Into Your Smartphone

In a presentation set for next week's Black Hat conference in Washington D.C., University of Luxembourg research associate Ralf-Philipp Weinmann says he plans to demonstrate his new technique on an iPhone and an Android device, showing how they could be converted into clandestine spying systems. "I will demo how to use the auto-answer feature present in most phones to turn the telephone into a remote listening device," he said in an e-mail interview.

idg news / Robert McMillan : 17 January 2011


Hacker cracks W-LAN password in 20 mins using Amazon cloud

A German hacker says he cracked the wireless LAN password of his neighbour in 20 minutes – using the cloud computing power available on Amazon in a demonstration which he says should sensitise people and businesses to security issues.

the local / 16 January 2011


How Attackers Get Away With Data

The exfiltration stage of data theft often garners less attention than the methods used to infect computers, but is no less important. At Black Hat DC, Sean Coyne, a security consultant at Mandiant, is offering attendees a look at some of the more advanced ways attackers sneak data out of the digital doors of enterprises.

eweek.com / Brian Prince : 13 January 2011


SAP Acquires Security As Black Hats Take Aim

As SAP buys into ID management, an event at Black Hat DC will put Web-enabled SAP apps in the line of fire.

eweek europe / Brian Prince : 13 January 2011


How Amazon EC2 Used to Crack Password Wireless Networks

A security researcher will reveal at Black Hat DC how he deployed password-testing software on Amazon EC2 to break into a secured wireless network using WPA-PSK.

b2b news : 12 January 2011


Quick, cheap way to hack WiFi using Amazon servers to be revealed

The method, which uses Amazon’s cloud-based server hosting service, reportedly tests 400,000 potential WiFi passwords per second in order to break into networks. A German security consultant, Thomas Roth is going to distribute and discuss the technique at the Black Hat conference in Washington, D.C.

the next web / Martin Bryant : 7 January 2011


Adobe To Detail Cloud DoS Attacks

Adobe engineer Bryan Sullivan said that he will be discussing Denial of Service (DoS) attacks in the cloud era, at Black hat DC later this month. He especially referred to a flaw in current PHP code that would enable an attacker to send an application into an infinite loop. Sullivan explained that cloud DoS techniques are relatively simple to plant and require a “single http request with less than 1000 bytes of code”. What is scary about these attacks is that they can hold thousands of cloud users hostage.

conceivably tech / Wolfgang Gruener : 7 January 2011