Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

6/28/2013
01:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Black Hat Releases Official Schedule

With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosure

SAN FRANCISCO, CA -- June 28, 2013 – Today, Black Hat, the world's leading family of information security events, announced the official schedule for Black Hat USA 2013. Black Hat is where the world's brightest information security professionals and researchers reveal vulnerabilities that impact everything from popular consumer devices to critical international infrastructure. With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosures – the most intense schedule in the event's history. Black Hat USA will take place July 27 – August 1, 2013, at Caesars Palace in Las Vegas. For more information and to register, please visit http://www.blackhat.com/us-13/.

Click here for more of Dark Reading's Black Hat articles.

Headlining the Briefings are keynote speakers, Gen. Keith Alexander, Commander, U.S. Cyber Command/Director, National Security Agency/Chief, Central Security Service (NSA/CSS) and Brian Muirhead, Chief Engineer, NASA's Jet Propulsion Laboratory, and former manager of the Mars Pathfinder Mission. Gen. Alexander who will take the stage on July 31 will give attendees an insider's look into the U.S. Cyber Command and the interworking of offensive cyber strategy. Mr. Muirhead will present "Take Risk, Don't Fail" on August 1, outlining how the combination of calculated risk taking, the application of well tested technology and a trusted team of experts yielded both awards in leadership and successes in space exploration.

"The quality of this years content is both refreshing and intimidating. This year, our Review Board had unprecedented visibility and involvement in content selection, providing a stronger community voice throughout the process," explained Trey Ford, General Manager, Black Hat. "The research is extremely diverse, and privacy continues to be a top-of-mind theme. It is an honor to welcome Gen. Alexander as our day one keynote and we look forward to seeing a glimpse of the world through his unique lens."

Some highlights of Black Hat USA 2013's Briefings include:

· Threats to mobile devices such as injecting malware into Apple's iOS devices with malicious chargers, intercepting traffic and SMS messages through compromised femtocells cracking BlackBerry's new OS 10, rooting SIM cards and even building a spyphone that can record conversations and send messages without you ever knowing.

· Preventing attacks on critical infrastructure and national security with talks around insider threats at the FBI, energy fraud and orchestrated blackouts, compromising industrial facilities, threats to major oil and gas pipelines and exploiting network surveillance cameras.

· Exposing vulnerabilities within our homes from automation systems such as HVAC and lighting, to other network-controlled devices such as door locks and garage sensors, to hacking some of the most well known home security systems and even the newest smart TVs.

Returning for its fourth year, Black Hat Arsenal offers researchers and the open source community a venue to demonstrate their recent work live. Running concurrently with the Briefings (July 31 - August 1), all Black Hat USA delegates will have access to the Arsenal's 48 tools and 20 turbo talks, highlighting the latest research of more than 45 of the most esteemed researchers from around the world. Here you will see everything from bypassing a car's security for less than 25 dollars, to analyzing smartphone penetration testing and performing web application security audits.

This year, Black Hat USA has added two additional tracks of content, featuring 11 groupings of workshops, roundtables and groundbreaking presentations by some of the best minds in the industry. Sponsors of Black Hat USA include Diamond Sponsors: Microsoft, Qualys, RSA; Platinum Plus Sponsors: Accuvant LABS, Alien Vault, Cisco, Core Security, LogRhythm, Looking Glass; Platinum Sponsors: Blue Coat, IBM, Lieberman Software, Solera Networks, Symantec and Trustwave.

For more information and to register for Black Hat USA 2013, please visit: http://www.blackhat.com/us-13/.

Connect with Black Hat

Twitter: https://twitter.com/BlackHatEvents - hashtag #BlackHat

Facebook: http://www.facebook.com/blackhat

LinkedIn Group: http://www.linkedin.com/groups?home=&gid=37658

Flickr: http://www.flickr.com/photos/blackhatevents/

About Black Hat

For more than 15 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, and are produced by UBM Tech. More information is available at: http://www.blackhat.com.

About UBM Tech

UBM Tech is a global media business that brings together the world's technology industry through live events and online properties. Its community-focused media and events provide expertly curated content along with user-generated content and peer-to-peer engagement opportunities through its proprietary, award-winning DeusM community platform. UBM Tech's brands include EE Times, Interop, Black Hat, InformationWeek, Game Developer Conference, CRN, and DesignCon. The company's products include research, education, training, and data services that accelerate decision making for technology buyers. UBM Tech also offers a full range of marketing services based on its content and technology market expertise, including custom events, content marketing solutions, community development and demand generation programs. UBM Tech is a part of UBM (UBM.L), a global provider of media and information services with a market capitalization of more than $2.5 billion.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...