Over the last few weeks Dark Reading editors have peppered you with stories about the glories of Black Hat past and sneak previews of what's to come when security professionals from around the globe convene for the 17th annual Black Hat USA 2014.
Can't make the trip? Not to worry. Dark Reading has a created a virtual alternative. We've commandeered space at the Mandalay Bay for a temporary radio studio where we will broadcast four live episodes of Dark Reading complete with audio interviews and live text chats with our guests.
Here's the schedule, so be sure to bookmark the date and time:
Wednesday, August 6
The State of Cloud Security, 1:00 p.m. ET (10:00 a.m. PT)
Our guest, Jim Reavis, co-founder and executive director of the Cloud Security Alliance, will preview the latest CSA research report on the current state of global cloud adoption, security barriers in the cloud, and offer some predictions on the direction of the cloud market based on his interactions with global enterprises.
Jim is the President of Reavis Consulting Group LLC, where he advises organizations on how to take advantage of the latest security trends. He has served as an international board member of the Information Systems Security Association and was co-founder of the Alliance for Enterprise Security Risk Management.
Airport Security: Can A Weapon Get Past TSA? 8:00 p.m. ET (5:00 p.m. PT)
Join us as for a recap of Billy Rios's Black Hat presentation on how a variety of airport security systems actually work, and where their weaknesses are. We'll discuss modern airport security procedures, how these devices are used to detect threats, and findings about some bugs he's discovered.
Billy studies emerging threats with a focus on embedded devices, Industrial Control Systems (ICS), and Critical Infrastructure (CI). Before Qualys, Billy was a technical lead at Google where he led the frontline response for externally reported security issues and incidents. Prior to Google, he was the security program manager at Internet Explorer (Microsoft). During his time at Microsoft, Billy led the company's response for several high-profile incidents, including the response for Operation Aurora. Before Microsoft, he worked as a penetration tester, an intrusion detection analyst, and served as an active duty Marine Corps Officer.
Thursday, August 7
Military Strategies & Cyber Security 1:00 p.m. ET (10:00 a.m. PT)
Just as one should never bring a knife to a gun fight, a network defender should not rely on tired maxims such as "perimeter defense" and "defense in depth." Today's adversaries are well past that. Tom Cross, director of security research at Lancope will share the highlights of his Black Hat talk, "The Library of Sparta," the playbook nation-state adversaries are using to target and attack your organizations, and the new approaches you must use to defeat them.
Tom works on advancing the state-of-the-art in network behavioral anomaly detection with netflow. He has over a decade of experience as a computer security researcher and thought leader. He is credited with discovering a number of critical security vulnerabilities in enterprise-class software and has published papers on collateral damage in cyber conflict, vulnerability disclosure ethics, security issues in internet routers, encrypting open wireless networks, and protecting Wikipedia from vandalism. He was previously manager of X-Force Research at IBM Internet Security Systems. He has spoken at numerous security conferences, including Black Hat, DEF CON, CyCon, HOPE, Source Boston, FIRST, and Security B-Sides.
Android's Fake ID Vulnerability, 7:00 p.m. ET (4:00 p.m. PT)
Every Android application has its own unique identity, typically inherited from the corporate developer's identity. The Bluebox Security research team recently discovered a new vulnerability in Android, which allows these identities to be copied and used for nefarious purposes. Fresh from his Black Hat presentation, Jeff Forristal will walk through the technical root cause of this responsibly disclosed vulnerability and explain why it's a problem and how an attacker could create an exploit for it.
Jeff is a security technology professional with over a decade of experience in the security industry. He has written multiple features and cover-story articles for Network Computing and Secure Enterprise magazines; he is also a contributing author to multiple books. Under the pseudonym "Rain Forest Puppy," Jeff has been recognized as an industry expert in web application security and was responsible for the first publicized responsible security disclosure policy (2000), the first publicized recognition of SQL injection (Phrack, 1998), and the first intelligent open source web application scanner (Whisker, 1999).
If you can't make the live session, you can revisit the broadcast from our Dark Reading Radio archives. We'll also be prerecording a number of Black Hat speaker interviews from the show, which we will rebroadcast with accompanying live text chats in the coming weeks. So stay tuned!
As always, if you have any questions or comments about the upcoming Dark Reading Radio @Black Hat shows, please post them in the comments and we will bring them to the broadcasts in Las Vegas.