Risk
9/12/2013
12:41 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Black Hat Announces First Ever West Coast Trainings Event

Trainings include many of the most popular courses from Black Hat's events

SAN FRANCISCO, Sept. 12, 2013 /PRNewswire/ -- Today, Black Hat, the world's leading family of information security events, announced the first ever West Coast Trainings. Over the course of four days, the security community's brightest researchers will unleash highly technical, hands-on Training courses to attendees in downtown Seattle, Washington. These Trainings include many of the most popular courses from Black Hat's events, as well as several new sessions on today's latest research and intelligence. The event will take place December 9 - 12, 2013, at the Washington State Convention Center. For more information and to register, please visit http://www.blackhat.com/wc-13/.

"At the core, Black Hat's mission is to encourage growth for information security enthusiasts at all levels in their professional careers," explained Trey Ford, General Manager, Black Hat. "These Trainings are not for the faint of heart and offer an unprecedented opportunity for hands-on learning with some of the best in our community."

Some highlights of the upcoming West Coast Trainings include:

-- Advanced C/C++ Source-Code-Analysis: Leaf SR will teach students how to dive into large C/C++ source code projects to find exploitable memory corruption vulnerabilities armed with nothing more than a text editor. -- Advanced OSINT Target Profiling AKA OSINT Target Profiling Like a Pro: Shane MacDougall of JL Bond Consulting, will outline a gamut of tools, websites, and procedures that every penetration tester/attacker should have in their toolkit, while showing that proper profiling can yield a huge lift for the attacker, all without sending a single packet to the target network. -- Hands-On Hardware Hacking and Reverse Engineering: Joe Grand of Grand Idea Studio, Inc., will teach hardware hacking and reverse engineering techniques commonly used against hardware products, including proper use of tools, circuit board analysis, embedded security and more. -- Pentesting with Kali Linux: Offensive Security, the team behind Kali, has re-written this course from the ground up to reflect the most modern and effective techniques that all penetration testers need to know. -- The Exploit Laboratory: Red Team: Saumil Shah will provide participants a hands-on approach to exploiting modern day operating systems, bringing students up to speed on the complexities of the exploit writing required. As with all popular Black Hat courses, the West Coast Trainings will undoubtedly fill up quickly, as they were selected due to the high demand for their content. Be sure to reserve a spot in the Training course(s) of your choice while they are still available. You can find the full list of Trainings available here. Please visit the registration page for additional information.

Future Black Hat Dates and Events Black Hat Regional Summit, Sao Paulo, Brazil, November 26-27, 2013 Black Hat Trainings, Seattle, Washington, December 9-12, 2013 Black Hat Asia 2014, Singapore, March 25-28, 2014 Black Hat USA 2014, Las Vegas, Nevada, August 2-7, 2014 Black Hat Europe 2014, Amsterdam, The Netherlands, October 14-17, 2014

Connect with Black Hat Twitter: https://twitter.com/BlackHatEvents - hashtag #BlackHat Facebook: http://www.facebook.com/blackhat LinkedIn Group: http://www.linkedin.com/groups?home=&gid=37658 Flickr: http://www.flickr.com/photos/blackhatevents/

About Black Hat For more than 16 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, and are produced by UBM Tech. More information is available at: http://www.blackhat.com.

About UBM Tech UBM Tech is a global media business that brings together the world's technology industry through live events and online properties. Its community-focused media and events provide expertly curated content along with user-generated content and peer-to-peer engagement opportunities through its proprietary, award-winning DeusM community platform. UBM Tech's brands include EE Times, Interop, Black Hat, InformationWeek, Game Developer Conference, CRN, and DesignCon. The company's products include research, education, training, and data services that accelerate decision making for technology buyers. UBM Tech also offers a full range of marketing services based on its content and technology market expertise, including custom events, content marketing solutions, community development and demand generation programs. UBM Tech is a part of UBM (UBM.L), a global provider of media and information services with a market capitalization of more than $2.5 billion.

SOURCE Black Hat

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.