Black Hat Staff

Black Hat USA 2016: Windows Security

Microsoft's Windows dominates the OS landscape, accounting for 89% of the market (according to Hot Hardware), and the latest Windows upgrade, Windows 10, is now running on 300 million active devices worldwide (reported by Microsoft). Being the leader in the space also makes Windows a huge target for hackers who constantly scan for vulnerabilities in the system.

BadTunnel: How Do I Get Big Brother Power reveals a vulnerability found in all Windows systems released within the last two decades, including Windows 10. The exploit can target a user through a variety of systems, including Internet Explorer, Microsoft Office, third-party software, and more. As soon as this attack is launched, users are vulnerable to external observation. This talk will demonstrate how to protect yourself against this threat, especially on systems no longer supported by Microsoft.

AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It introduces the Anti-Malware Scan Interface (AMSI), which is designed to target script-based attacks and malware in Windows 10. AMSI targets scripts written in PowerShell, VBScript, JScript, etc., and drastically improves the detection and blocking rate of malicious scripts. Filled with live demonstrations, this talk will explore whether AMSI has enabled Microsoft to finally kill script-based attacks.

Into The Core - In-Depth Exploration of Windows 10 IoT Core will evaluate how well user information is protected on devices running Windows 10 IoT Core. This talk will analyze the attack surface of Windows 10 IoT Core and describe its potential susceptibility to malware. And since it will likely play a significant role in the future of IoT, this talk will provide recommendations on how to secure a Windows IoT Core device. 

If you want a hands-on experience testing the tools and methodologies used to perform malware analysis on executables found in Windows systems, you should definitely check out Malware Analysis Crash Course. Students will learn how to create a safe malware analysis environment, extract network and host-based indicators, debug malware, and more. Filled with in-class demonstrations and hands-on labs with real malware, students will have ample opportunity to practice what they have learned.

For a comprehensive overview of everything Black Hat USA 2016 has to offer, you can visit https://www.blackhat.com/us-16 and we hope you’ll join us at the Mandalay Bay Convention Center in Las Vegas, Nevada, July 30-August 4.
