Vulnerabilities / Threats

6/28/2013
01:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Black Hat Releases Official Schedule

With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosure

SAN FRANCISCO, CA -- June 28, 2013 – Today, Black Hat, the world's leading family of information security events, announced the official schedule for Black Hat USA 2013. Black Hat is where the world's brightest information security professionals and researchers reveal vulnerabilities that impact everything from popular consumer devices to critical international infrastructure. With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosures – the most intense schedule in the event's history. Black Hat USA will take place July 27 – August 1, 2013, at Caesars Palace in Las Vegas. For more information and to register, please visit http://www.blackhat.com/us-13/.

Click here for more of Dark Reading's Black Hat articles.

Headlining the Briefings are keynote speakers, Gen. Keith Alexander, Commander, U.S. Cyber Command/Director, National Security Agency/Chief, Central Security Service (NSA/CSS) and Brian Muirhead, Chief Engineer, NASA's Jet Propulsion Laboratory, and former manager of the Mars Pathfinder Mission. Gen. Alexander who will take the stage on July 31 will give attendees an insider's look into the U.S. Cyber Command and the interworking of offensive cyber strategy. Mr. Muirhead will present "Take Risk, Don't Fail" on August 1, outlining how the combination of calculated risk taking, the application of well tested technology and a trusted team of experts yielded both awards in leadership and successes in space exploration.

"The quality of this years content is both refreshing and intimidating. This year, our Review Board had unprecedented visibility and involvement in content selection, providing a stronger community voice throughout the process," explained Trey Ford, General Manager, Black Hat. "The research is extremely diverse, and privacy continues to be a top-of-mind theme. It is an honor to welcome Gen. Alexander as our day one keynote and we look forward to seeing a glimpse of the world through his unique lens."

Some highlights of Black Hat USA 2013's Briefings include:

· Threats to mobile devices such as injecting malware into Apple's iOS devices with malicious chargers, intercepting traffic and SMS messages through compromised femtocells cracking BlackBerry's new OS 10, rooting SIM cards and even building a spyphone that can record conversations and send messages without you ever knowing.

· Preventing attacks on critical infrastructure and national security with talks around insider threats at the FBI, energy fraud and orchestrated blackouts, compromising industrial facilities, threats to major oil and gas pipelines and exploiting network surveillance cameras.

· Exposing vulnerabilities within our homes from automation systems such as HVAC and lighting, to other network-controlled devices such as door locks and garage sensors, to hacking some of the most well known home security systems and even the newest smart TVs.

Returning for its fourth year, Black Hat Arsenal offers researchers and the open source community a venue to demonstrate their recent work live. Running concurrently with the Briefings (July 31 - August 1), all Black Hat USA delegates will have access to the Arsenal's 48 tools and 20 turbo talks, highlighting the latest research of more than 45 of the most esteemed researchers from around the world. Here you will see everything from bypassing a car's security for less than 25 dollars, to analyzing smartphone penetration testing and performing web application security audits.

This year, Black Hat USA has added two additional tracks of content, featuring 11 groupings of workshops, roundtables and groundbreaking presentations by some of the best minds in the industry. Sponsors of Black Hat USA include Diamond Sponsors: Microsoft, Qualys, RSA; Platinum Plus Sponsors: Accuvant LABS, Alien Vault, Cisco, Core Security, LogRhythm, Looking Glass; Platinum Sponsors: Blue Coat, IBM, Lieberman Software, Solera Networks, Symantec and Trustwave.

For more information and to register for Black Hat USA 2013, please visit: http://www.blackhat.com/us-13/.

Connect with Black Hat

Twitter: https://twitter.com/BlackHatEvents - hashtag #BlackHat

Facebook: http://www.facebook.com/blackhat

LinkedIn Group: http://www.linkedin.com/groups?home=&gid=37658

Flickr: http://www.flickr.com/photos/blackhatevents/

About Black Hat

For more than 15 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, and are produced by UBM Tech. More information is available at: http://www.blackhat.com.

About UBM Tech

UBM Tech is a global media business that brings together the world's technology industry through live events and online properties. Its community-focused media and events provide expertly curated content along with user-generated content and peer-to-peer engagement opportunities through its proprietary, award-winning DeusM community platform. UBM Tech's brands include EE Times, Interop, Black Hat, InformationWeek, Game Developer Conference, CRN, and DesignCon. The company's products include research, education, training, and data services that accelerate decision making for technology buyers. UBM Tech also offers a full range of marketing services based on its content and technology market expertise, including custom events, content marketing solutions, community development and demand generation programs. UBM Tech is a part of UBM (UBM.L), a global provider of media and information services with a market capitalization of more than $2.5 billion.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
The Fundamental Flaw in Security Awareness Programs
Ira Winkler, CISSP, President, Secure Mentem,  7/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14492
PUBLISHED: 2018-07-21
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
CVE-2018-3770
PUBLISHED: 2018-07-20
A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the local files.
CVE-2018-3771
PUBLISHED: 2018-07-20
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
CVE-2018-5065
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-5066
PUBLISHED: 2018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.