Vulnerabilities / Threats

6/28/2013
01:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Black Hat Releases Official Schedule

With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosure

SAN FRANCISCO, CA -- June 28, 2013 – Today, Black Hat, the world's leading family of information security events, announced the official schedule for Black Hat USA 2013. Black Hat is where the world's brightest information security professionals and researchers reveal vulnerabilities that impact everything from popular consumer devices to critical international infrastructure. With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosures – the most intense schedule in the event's history. Black Hat USA will take place July 27 – August 1, 2013, at Caesars Palace in Las Vegas. For more information and to register, please visit http://www.blackhat.com/us-13/.

Click here for more of Dark Reading's Black Hat articles.

Headlining the Briefings are keynote speakers, Gen. Keith Alexander, Commander, U.S. Cyber Command/Director, National Security Agency/Chief, Central Security Service (NSA/CSS) and Brian Muirhead, Chief Engineer, NASA's Jet Propulsion Laboratory, and former manager of the Mars Pathfinder Mission. Gen. Alexander who will take the stage on July 31 will give attendees an insider's look into the U.S. Cyber Command and the interworking of offensive cyber strategy. Mr. Muirhead will present "Take Risk, Don't Fail" on August 1, outlining how the combination of calculated risk taking, the application of well tested technology and a trusted team of experts yielded both awards in leadership and successes in space exploration.

"The quality of this years content is both refreshing and intimidating. This year, our Review Board had unprecedented visibility and involvement in content selection, providing a stronger community voice throughout the process," explained Trey Ford, General Manager, Black Hat. "The research is extremely diverse, and privacy continues to be a top-of-mind theme. It is an honor to welcome Gen. Alexander as our day one keynote and we look forward to seeing a glimpse of the world through his unique lens."

Some highlights of Black Hat USA 2013's Briefings include:

· Threats to mobile devices such as injecting malware into Apple's iOS devices with malicious chargers, intercepting traffic and SMS messages through compromised femtocells cracking BlackBerry's new OS 10, rooting SIM cards and even building a spyphone that can record conversations and send messages without you ever knowing.

· Preventing attacks on critical infrastructure and national security with talks around insider threats at the FBI, energy fraud and orchestrated blackouts, compromising industrial facilities, threats to major oil and gas pipelines and exploiting network surveillance cameras.

· Exposing vulnerabilities within our homes from automation systems such as HVAC and lighting, to other network-controlled devices such as door locks and garage sensors, to hacking some of the most well known home security systems and even the newest smart TVs.

Returning for its fourth year, Black Hat Arsenal offers researchers and the open source community a venue to demonstrate their recent work live. Running concurrently with the Briefings (July 31 - August 1), all Black Hat USA delegates will have access to the Arsenal's 48 tools and 20 turbo talks, highlighting the latest research of more than 45 of the most esteemed researchers from around the world. Here you will see everything from bypassing a car's security for less than 25 dollars, to analyzing smartphone penetration testing and performing web application security audits.

This year, Black Hat USA has added two additional tracks of content, featuring 11 groupings of workshops, roundtables and groundbreaking presentations by some of the best minds in the industry. Sponsors of Black Hat USA include Diamond Sponsors: Microsoft, Qualys, RSA; Platinum Plus Sponsors: Accuvant LABS, Alien Vault, Cisco, Core Security, LogRhythm, Looking Glass; Platinum Sponsors: Blue Coat, IBM, Lieberman Software, Solera Networks, Symantec and Trustwave.

For more information and to register for Black Hat USA 2013, please visit: http://www.blackhat.com/us-13/.

Connect with Black Hat

Twitter: https://twitter.com/BlackHatEvents - hashtag #BlackHat

Facebook: http://www.facebook.com/blackhat

LinkedIn Group: http://www.linkedin.com/groups?home=&gid=37658

Flickr: http://www.flickr.com/photos/blackhatevents/

About Black Hat

For more than 15 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, and are produced by UBM Tech. More information is available at: http://www.blackhat.com.

About UBM Tech

UBM Tech is a global media business that brings together the world's technology industry through live events and online properties. Its community-focused media and events provide expertly curated content along with user-generated content and peer-to-peer engagement opportunities through its proprietary, award-winning DeusM community platform. UBM Tech's brands include EE Times, Interop, Black Hat, InformationWeek, Game Developer Conference, CRN, and DesignCon. The company's products include research, education, training, and data services that accelerate decision making for technology buyers. UBM Tech also offers a full range of marketing services based on its content and technology market expertise, including custom events, content marketing solutions, community development and demand generation programs. UBM Tech is a part of UBM (UBM.L), a global provider of media and information services with a market capitalization of more than $2.5 billion.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
CVE-2018-20154
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
CVE-2018-20155
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.