Black Hat Europe
October 14-17, 2014
Amsterdam Rai, The Netherlands
7/29/2014
01:00 PM
Black Hat Staff
Black Hat Staff
Event Updates
50%
50%

Black Hat USA 2014: Virtual Reality Check

Virtualization is the future (and often the present) of large-scale IT, but like any technology, it has its share of flaws and shortcomings. Today, as we near the beginning of Black Hat USA 2014, we highlight three Briefings that explore the world of virtualized systems... more specifically, how to break and/or protect them.

Hypervisors are here to stay and promise to shrink the attack surfaces of exposed systems. But Rafal Wojtczuk has been breaking them for eight years, and, oh, does he have some tales to tell. Poacher Turned Gamekeeper: Lessons Learned from Eight Years of Breaking Hypervisors will begin with a trip down memory lane, revisiting major hypervisor breakouts and throwing in a few new exploits, too. Later, he'll examine hypervisor security; does it really live up to the promises? Not at all. In fact, he'll reveal why he believes most hypervisors aren't built with security in mind, as well as his suggestions to harden them.

OpenStack allows you to manage a cloud of VMs, and it has grown into a widely adopted platform. The issue with having a centralized IaaS is that, if you compromise the management cluster, you can attack everything it controls, which is a lot at Yahoo scale. How do you keep your OpenStack cluster safe? What do you do when a management system, hypervisor, or VM is compromised? OpenStack Cloud at Yahoo! Scale: How to Avoid Disaster will discuss how to harden your cluster and make large breaches less likely. And if a breach does occur, you'll find out how to contain it. Bonus: Examples will be drawn from Yahoo's massive deployments of OpenStack clusters.

Finally, it's an arms race between malware authors and forensics experts, and dynamic analysis (sandboxing) is one of good guys' best weapons. But malware authors are evading it in ever-increasing ways. What to do? Full System Emulation: Achieving Successful Automated Dynamic Analysis of Evasive Malware will be a 101, a 201, and possibly a 301 on leveraging full-system emulation, showing you the pros and cons of this methodology, as well as intel on the latest malware evasion techniques observed in the wild.

Regular registration ended July 26, which was a couple of days ago. What are you doing over there? Do you always procrastinate so much? Better visit Black Hat USA 2014's registration page to see what your options are.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1421
Published: 2014-11-25
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.

CVE-2014-3605
Published: 2014-11-25
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6407. Reason: This candidate is a reservation duplicate of CVE-2014-6407. Notes: All CVE users should reference CVE-2014-6407 instead of this candidate. All references and descriptions in this candidate have been removed to pre...

CVE-2014-6093
Published: 2014-11-25
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-6196
Published: 2014-11-25
Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory (WEF) 6.1.5 through 8.5.0.1, as used in WebSphere Dashboard Framework (WDF) and Lotus Widget Factory (LWF), allows remote attackers to inject arbitrary web script or HTML by leveraging a Dojo builder error in an unspecified WebSp...

CVE-2014-7247
Published: 2014-11-25
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?