Vulnerabilities / Threats

9/30/2016
09:00 AM
Sean Martin
Sean Martin
Slideshows
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

10 Hottest Sessions At Black Hat Europe 2016

A sneak-peek at some of the more intriguing Briefings at the upcoming conference in London.
Previous
1 of 6
Next

The Black Hat Europe 2016 Conference kicks off November 1 in London.

The Briefings section -- where researchers present new findings and insights -- includes topics from critical infrastructure and Internet of things (IoT) security; human factors in security; vulnerabilities targeting multiple platforms, operating systems, and devices; and the latest in automation and orchestration in detection and response.

Here are 10 hot sessions that must not be missed, with two from each category:

  • Overall
  • AppSec
  • Internet of Things & Smart Grid
  • Mobility
  • Human Factors

 

Sean Martin is an information security veteran of nearly 25 years and a four-term CISSP with articles published globally covering security management, cloud computing, enterprise mobility, governance, risk, and compliance—with a focus on specialized industries such as ... View Full Bio

Previous
1 of 6
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
9/30/2016 | 9:35:57 AM
Oauth2
If there has been an exploit being performed in the wild against oauth this could require rapid patching and changes set to occur for many SSO providers.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
9/30/2016 | 9:30:54 AM
Automating IR
Interesting, curious as to what open source IR utilities they intend to leverage.
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12633
PUBLISHED: 2018-06-22
An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (...
CVE-2018-12634
PUBLISHED: 2018-06-22
CirCarLife Scada v4.2.4 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
CVE-2018-12635
PUBLISHED: 2018-06-22
CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.
CVE-2018-12630
PUBLISHED: 2018-06-21
NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI.
CVE-2018-12631
PUBLISHED: 2018-06-21
Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal.