Vulnerabilities / Threats

6/23/2017
09:10 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

8 Hot Hacking Tools to Come out of Black Hat USA

High-impact tools for white hats that will be revealed and released next month at Black Hat USA in Las Vegas.
Previous
1 of 9
Next

Image Source: Adobe Stock

Image Source: Adobe Stock

Late July and early August are a bit like summer camp and Christmas rolled into one for your typical white hat penetration tester. Not only does the yearly Black Hat USA confab in Vegas give them the opportunity to step away from the keyboard to share ideas and socialize with like-minded friends and colleagues, but it also usually provides a cornucopia of new tools for hacking the heck out of enterprise systems.

This year is no different. Expect a full slate of new tools coming out of the Black Hat Briefings and Arsenel talks.

Here are a few highlights.

Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada, July 22-27, 2017. Click for information on the conference schedule and to register.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
NilsDecker
100%
0%
NilsDecker,
User Rank: Apprentice
7/12/2017 | 3:51:01 PM
Thanks for sharing!
Really nice list, thanks for Ericka. Looking forward to lots of meetings and learning sessions at Blackhat again this year! :-)
Lightforge
50%
50%
Lightforge,
User Rank: Author
7/10/2017 | 12:09:53 PM
Thanks for sharing
Always great to find new tools or techniques to look into. Thank you for sharing this information.
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Mueller Probe Yields Hacking Indictments for 12 Russian Military Officers
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/13/2018
10 Ways to Protect Protocols That Aren't DNS
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/16/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10869
PUBLISHED: 2018-07-19
redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd.
CVE-2018-10870
PUBLISHED: 2018-07-19
redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution.
CVE-2018-12959
PUBLISHED: 2018-07-19
The approveAndCall function of a smart contract implementation for Aditus (ADI), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all contract balances into their account).
CVE-2018-14336
PUBLISHED: 2018-07-19
TP-Link WR840N devices allow remote attackers to cause a denial of service (connectivity loss) via a series of packets with random MAC addresses.
CVE-2018-10620
PUBLISHED: 2018-07-19
AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code t...