Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Black Hat USA
July 31 - August 5, 2021
Las Vegas, NV, USA
SecTor
November 4 - October 30, 2021
Toronto, ON, Canada
Black Hat Europe
November 8-11, 2021
Virtual Event
11/29/2018
09:00 AM
Black Hat Staff
Black Hat Staff
Event Updates
50%
50%

Black Hat Europe: Get the Nation-State Perspective on Cybersecurity

Attendees of Black Hat Europe in London next week will hear about worldwide cybersecurity developments and challenges from the Global Commission on the Stability of Cyberspace's Marina Kaljurand.

Are you ready for Black Hat Europe in London next week? It promises to be jam-packed with valuable learning opportunities! So as you’re planning out your schedule be sure to leave time between seeing old friends and making new ones to attend some of this year’s most intriguing Briefings, Trainings, and Arsenal demos.

Most notably, check out this year’s keynote, Developments and Challenges in Cybersecurity from the Nation-State Perspective. Presented by Global Commission on the Stability of Cyberspace chair and former Estonian Foreign Minister Marina Kaljurand, this premier talk will address the lessons learned from the politically-motivated cyberattacks Estonia weathered in 2007.

It’s a unique opportunity to learn from firsthand accounts of nation-state cyberwarfare. Kaljurand intends to shed light on the challenges we face in 2018/2019, the role of states and other stakeholders in global cybersecurity, and what the future holds. She’ll also introduce you to the work of the Global Commission on Stability in Cyberspace, which is a multi-stakeholder model that contributes to international discussion and policy-making. Don’t miss it!

If you’re after more in-depth learning, know that there’s still time to register for many of the 2-Day Trainings next week, including Mandiant’s Windows Enterprise Incident Response. This intensive course is designed to teach fundamental investigative techniques needed to respond to today's landscape of threat actors and intrusion scenarios. Completely redeveloped with all new material in 2016, the class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of evidence, and forensic analysis know-how.

Stop by the Black Hat Europe Arsenal to enjoy demos of some potential new tools, including VirusTotal Graph: Investigation, which is a  free visualization tool built on top of the VirusTotal data set. The tool helps you study the relationship between files, urls, domains and IP addresses through an easy navigation interface. By exploring and expanding each of the nodes in your graph, you can build the network and quickly see the connections across the samples you are studying.

You might also want to check out Kurukshetra, a web framework to host reasonably complex secure coding challenges. Developed with the aim of being the first open-source secure coding framework, it’s composed of two components:

  • A backend framework written in PHP, which manages and leverages the underlying docker system to provide a secure sandbox for the challenge execution;
  • Tthe frontend, which is a user-facing web app providing necessary controls, for the admin to host and modify the challenges, and the user to execute and view the result of each of his input.

To close out this year's conference, join Black Hat founder Jeff Moss and members of the esteemed Black Hat Review Board for an insightful conversation on the most pressing issues facing the InfoSec community. This special Locknote: Conclusions and Key Takeaways from Black Hat Europe 2018 Briefing, held at the end of the final day (Thursday, December 6) will review key takeaways coming out of Black Hat Europe and how these trends will impact future security strategies.

Black Hat Europe returns to The Excel in London December 3-6, 2018. For more information on what’s happening at the event and how to register, check out the Black Hat website.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26585
PUBLISHED: 2021-06-24
A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information. HPE has provided an update to OneView Global Dashboard. The issue is resolved in 2.32.
CVE-2021-31412
PUBLISHED: 2021-06-24
Improper sanitization of path in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.14 (Vaadin 10.0.0 through 10.0.18), 1.1.0 prior to 2.0.0 (Vaadin 11 prior to 14), 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), and 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 1...
CVE-2021-33604
PUBLISHED: 2021-06-24
URL encoding error in development mode handler in com.vaadin:flow-server versions 2.0.0 through 2.6.1 (Vaadin 14.0.0 through 14.6.1), 3.0.0 through 6.0.9 (Vaadin 15.0.0 through 19.0.8) allows local user to execute arbitrary JavaScript code by opening crafted URL in browser.
CVE-2020-28097
PUBLISHED: 2021-06-24
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.
CVE-2020-7862
PUBLISHED: 2021-06-24
A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santization when communicating customer process.