Black Hat Europe
November 10-13, 2015
Amsterdam RAI | The Netherlands
BH Executive Summit
December 8-10, 2015
Omni Montelucia | Scottsdale, AZ
Black Hat Asia
March 29 - April 1, 2016
Marina Bay Sands | Singapore
01:00 PM
Black Hat Staff
Black Hat Staff
Event Updates

Black Hat USA 2014: Danger! High Bandwidth

Now that the world is basically one giant network, it's kind of mind-blowing to look back at computers from the days before they were so intimately intertwined. But the ubiquity of networking is also our Achilles' heel, which today's trio of Black Hat Briefings amply illustrate with their focus on Internet-based attacks.

Consumer premises equipment (CPE) like routers is nearly ubiquitous these days, but abuse of such devices is inordinately problematic, given the owner's subsequent difficulty in interfacing with the device to fix it, as well as the long-rotted, vulnerable code that exists in almost all such equipment. The result is an Internet-scale problem, almost like a public health crisis. Abuse of CPE Devices and Recommended Fixes will attempt to quantify the risk at work here -- think of all those midscale DSL connections just waiting to be harnessed for a DDoS -- and offer some recommendations on quelling this epidemic before it strikes.

RIPE NCC allocated its last IPv4 address space quite some time ago, so IPv6 is here, whether you decide to acknowledge it or not. Perhaps your ears will perk up when you come to Evasion of High-End IPS Devices in the Age of IPv6, in which Antonios Atlasis and Enno Rey will debut three novel techniques that allow attackers to exploit IPv6 and blind high-end commercial security devices. With these tricks, bad guys can launch any kind of attack, but the presenters will suggest potential mitigating measures, both short-term and long.

MultiPath TCP (MPTCP) is an extension to TCP that enables sessions to use multiple network endpoints and multiple network paths at the same time, and to change addresses in the middle of a connection. Though MPTCP works transparently over most network infrastructure, very few security and network management tools can correctly interpret MPTCP streams. Network security is changed: How do you secure traffic when you can't see it all and when the endpoint addresses change in the middle of a connection? Come to Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols for a primer on MPTCP's assumption breaking, as well as tools and strategies for mitigating the risks of MPTCP-capable devices.

Regular registration ends July 26, which is really soon. Please visit Black Hat USA 2014's registration page to get started.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Current Issue
E-Commerce Security: What Every Enterprise Needs to Know
The mainstream use of EMV smartcards in the US has experts predicting an increase in online fraud. Organizations will need to look at new tools and processes for building better breach detection and response capabilities.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio