Vulnerabilities / Threats

6/28/2013
01:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Black Hat Releases Official Schedule

With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosure

SAN FRANCISCO, CA -- June 28, 2013 – Today, Black Hat, the world's leading family of information security events, announced the official schedule for Black Hat USA 2013. Black Hat is where the world's brightest information security professionals and researchers reveal vulnerabilities that impact everything from popular consumer devices to critical international infrastructure. With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosures – the most intense schedule in the event's history. Black Hat USA will take place July 27 – August 1, 2013, at Caesars Palace in Las Vegas. For more information and to register, please visit http://www.blackhat.com/us-13/.

Click here for more of Dark Reading's Black Hat articles.

Headlining the Briefings are keynote speakers, Gen. Keith Alexander, Commander, U.S. Cyber Command/Director, National Security Agency/Chief, Central Security Service (NSA/CSS) and Brian Muirhead, Chief Engineer, NASA's Jet Propulsion Laboratory, and former manager of the Mars Pathfinder Mission. Gen. Alexander who will take the stage on July 31 will give attendees an insider's look into the U.S. Cyber Command and the interworking of offensive cyber strategy. Mr. Muirhead will present "Take Risk, Don't Fail" on August 1, outlining how the combination of calculated risk taking, the application of well tested technology and a trusted team of experts yielded both awards in leadership and successes in space exploration.

"The quality of this years content is both refreshing and intimidating. This year, our Review Board had unprecedented visibility and involvement in content selection, providing a stronger community voice throughout the process," explained Trey Ford, General Manager, Black Hat. "The research is extremely diverse, and privacy continues to be a top-of-mind theme. It is an honor to welcome Gen. Alexander as our day one keynote and we look forward to seeing a glimpse of the world through his unique lens."

Some highlights of Black Hat USA 2013's Briefings include:

· Threats to mobile devices such as injecting malware into Apple's iOS devices with malicious chargers, intercepting traffic and SMS messages through compromised femtocells cracking BlackBerry's new OS 10, rooting SIM cards and even building a spyphone that can record conversations and send messages without you ever knowing.

· Preventing attacks on critical infrastructure and national security with talks around insider threats at the FBI, energy fraud and orchestrated blackouts, compromising industrial facilities, threats to major oil and gas pipelines and exploiting network surveillance cameras.

· Exposing vulnerabilities within our homes from automation systems such as HVAC and lighting, to other network-controlled devices such as door locks and garage sensors, to hacking some of the most well known home security systems and even the newest smart TVs.

Returning for its fourth year, Black Hat Arsenal offers researchers and the open source community a venue to demonstrate their recent work live. Running concurrently with the Briefings (July 31 - August 1), all Black Hat USA delegates will have access to the Arsenal's 48 tools and 20 turbo talks, highlighting the latest research of more than 45 of the most esteemed researchers from around the world. Here you will see everything from bypassing a car's security for less than 25 dollars, to analyzing smartphone penetration testing and performing web application security audits.

This year, Black Hat USA has added two additional tracks of content, featuring 11 groupings of workshops, roundtables and groundbreaking presentations by some of the best minds in the industry. Sponsors of Black Hat USA include Diamond Sponsors: Microsoft, Qualys, RSA; Platinum Plus Sponsors: Accuvant LABS, Alien Vault, Cisco, Core Security, LogRhythm, Looking Glass; Platinum Sponsors: Blue Coat, IBM, Lieberman Software, Solera Networks, Symantec and Trustwave.

For more information and to register for Black Hat USA 2013, please visit: http://www.blackhat.com/us-13/.

Connect with Black Hat

Twitter: https://twitter.com/BlackHatEvents - hashtag #BlackHat

Facebook: http://www.facebook.com/blackhat

LinkedIn Group: http://www.linkedin.com/groups?home=&gid=37658

Flickr: http://www.flickr.com/photos/blackhatevents/

About Black Hat

For more than 15 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, and are produced by UBM Tech. More information is available at: http://www.blackhat.com.

About UBM Tech

UBM Tech is a global media business that brings together the world's technology industry through live events and online properties. Its community-focused media and events provide expertly curated content along with user-generated content and peer-to-peer engagement opportunities through its proprietary, award-winning DeusM community platform. UBM Tech's brands include EE Times, Interop, Black Hat, InformationWeek, Game Developer Conference, CRN, and DesignCon. The company's products include research, education, training, and data services that accelerate decision making for technology buyers. UBM Tech also offers a full range of marketing services based on its content and technology market expertise, including custom events, content marketing solutions, community development and demand generation programs. UBM Tech is a part of UBM (UBM.L), a global provider of media and information services with a market capitalization of more than $2.5 billion.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I'm not sure I like this top down management approach!"
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17338
PUBLISHED: 2018-09-23
An issue has been found in pdfalto through 0.2. It is a heap-based buffer overflow in the function TextPage::dump in XmlAltoOutputDev.cc.
CVE-2018-17341
PUBLISHED: 2018-09-23
BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/..\ URI.
CVE-2018-17332
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
CVE-2018-17333
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
CVE-2018-17334
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.