Black Hat Asia
March 24-27, 2015
Marina Bay Sands | Singapore
Black Hat USA
August 1-6, 2015
Mandalay Bay | Las Vegas, NV
Black Hat Europe
November 10-13, 2015
Amsterdam RAI | The Netherlands
5/20/2014
01:00 PM
Black Hat Staff
Black Hat Staff
Event Updates
50%
50%

Black Hat USA 2014: Something in the Air

Today's quartet of Black Hat 2014 Training highlights delve into the wide world of wireless hacking.

We start off from a defensive posture with Foundstone's Ultimate Hacking: Wireless. Sure, your org's got an authorized wireless infrastructure, but what about the wireless networks that aren't supposed to be there? The "temporary" access point that's still there months later? That AP brought in by a passing contractor? All are possible attack points. This Training aims to help you see WiFi networks like hackers do, which will give you the knowledge you need to defend against WiFi hackers' increasingly sophisticated tools, techniques, and methods. 

A case in point might be someone with the knowledge offered in our next highlighted Training, Hacking by Numbers Reloaded: Wireless Bootcamp. Starting from the basics, you'll learn the standard techniques Sensepost's analysts use in their wireless engagements, eventually working your way up to bleeding-edge research. Expect theory, practical exercises, and a lot of hands-on WiFi hacking. WPA won't know what hit it. 

Looking beyond WiFi, software-defined radio is an idea whose time has finally come. The aptly named Training Software Defined Radio will bring you up to speed on this brave new world of freeform radio with the help of a shiny new HackRF One SDR radio transceiver, yours to keep. Or for another approach to the topic check out Radio Exploitation, which will show you how to intercept, demodulate, decode, and reverse engineer RF signals, as well as exploit vulnerabilities in RF systems. WiFi too passé? Check out these waveforms! 

Ready to register? Early-bird rates are available until June 2. Please visit Black Hat USA 2014's registration page to get started. 

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-2086
Published: 2015-02-26
Cross-site scripting (XSS) vulnerability in the live preview in the Panopoly Magic module before 7.x-1.17 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a pane title.

CVE-2015-2087
Published: 2015-02-26
Unrestricted file upload vulnerability in the Avatar Uploader module before 6.x-1.3 for Drupal allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via unspecified vectors.

CVE-2015-2088
Published: 2015-02-26
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Term Queue module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

CVE-2015-2089
Published: 2015-02-26
Multiple cross-site request forgery (CSRF) vulnerabilities in the CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin 2.0.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (...

CVE-2015-2090
Published: 2015-02-26
SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the survey_id parameter in an ajax_survey action to wp-admin/admin-ajax.php.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.