Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Black Hat Asia
May 4-7, 2021
Virtual Event
Black Hat USA
July 31 - August 5, 2021
Las Vegas, NV, USA
Black Hat Europe
November 8-11, 2021
Virtual Event
3/8/2019
11:00 AM
Black Hat Staff
Black Hat Staff
Event Updates
50%
50%

Sign Up Now for Practical, Hands-On Training at Black Hat Asia

These multi-day Trainings provide excellent hands-on technical skill-building opportunities, but you have to act fast -- many are almost sold out.

With just weeks to go until Black Hat Asia kicks off in Singapore, organizers want to quickly remind you that you can still sign up for two and four-day Training sessions -- but you have to hurry, because many are almost sold out.

Often designed exclusively for Black Hat, these multi-day Trainings provide hands-on technical skill-building opportunities, making them a great way to efficiently level up your skillset under the tutelage of top security experts.

Pentesting Industrial Control Systems”, for example, is a 2-day Training that will teach you everything you need to start pentesting industrial control networks. You’ll cover the basics to help you understand the most common ICS vulnerabilities, then spend some time learning and exploiting Windows & Active Directory weaknesses (as most ICS are controlled by Windows systems).

The Training will end with a challenging hands-on exercise: A capture-the-flag challenge in which you capture a real flag! Using your newly acquired skills, you will try to compromise a Windows Active Directory, then pivot to an ICS setup to take control of a model train and robotic arms.

Tactical OSINT For Pentesters” is another promising 2-Day Training that will help you become a better pentester by teaching you how to effectively reconnoiter a target using open-source intelligence (OSINT).

Covering critical topics like attack surface mapping, employee profiling, and identifying hidden injection points, this Training aims to help you effectively protect clients against the latest threats. You’ll be provided with a framework to manage and prioritize all the data collected during the course, as well as private lab access for one month so you can practice what you learned. Don’t miss it!

If you’re looking for something a bit more advanced, consider “Advanced Infrastructure Hacking - 2019 Edition”, a fast-paced 2-Day Training that covers a wide variety of neat, new and ridiculous techniques to compromise modern operating systems and networking devices.

This is a condensed and streamlined version of a 4-Day Training, and to fit the entire training material within 2 days, some of the exercises have been replaced by demos shown by the instructor. It offers a lot of practical, hands-on learning. Plus,  students will receive a free month of lab access to practice each exercise after the class.

While most of the 4-Day Trainings at Black Hat Asia are now sold out, there’s still a little room left to sign up for “Adversary Tactics- Red Team Ops,” an intense course that will walk you through how to perform Red Team operations and defend against modern threats.

You’ll be immersed in a simulated enterprise environment, with multiple domains, up-to-date and patched operating systems, modern defenses, and active network defenders responding to Red Team activities. You’ll also learn about all phases of a Red Team engagement in depth: advanced attack infrastructure setup and maintenance, user profiling and phishing, advanced Kerberos attacks, data mining, and exfiltration. Sign up quick -- only a few spaces remain!

Black Hat Asia returns to the Marina Bay Sands in Singapore March 26-29, 2019. For more information on what's happening at the event and how to register, check out the Black Hat website.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31793
PUBLISHED: 2021-05-06
An issue exists on NightOwl WDB-20-V2 WDB-20-V2_20190314 devices that allows an unauthenticated user to gain access to snapshots and video streams from the doorbell. The binary app offers a web server on port 80 that allows an unauthenticated user to take a snapshot from the doorbell camera via the ...
CVE-2021-31916
PUBLISHED: 2021-05-06
An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a syst...
CVE-2021-31918
PUBLISHED: 2021-05-06
A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log file is readable to all users during stack update and creation. The highest threat from this vulnerability is to data confidentiality.
CVE-2019-25043
PUBLISHED: 2021-05-06
ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process crash for a "Cookie: =abc" header.
CVE-2020-18889
PUBLISHED: 2021-05-06
Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php.