Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

8/3/2015
08:01 AM
Sara Peters
Sara Peters
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Dark Reading News Desk Comes To You Live From Black Hat

Live video coverage from Las Vegas Wednesday and Thursday

It's one of the busiest weeks in the infosec year. The Black Hat USA conference in Las Vegas is, and has always been, full of security researchers announcing and showing proof-of-concept demos of entirely new classes of attacks and vulnerabilities.

It's grown to include extensive training courses and now a CISO Summit featuring Dark Reading's own Tim Wilson and Kelly Jackson-Higgins. It's too much for any one person to see.

Dark Reading is here to help you through it. In addition to our usual coverage, we have a new offering: the Dark Reading News Desk -- three hours of live video interviews with Black Hat speakers and sponsors both Wednesday and Thursday, live from the show, with yours truly as your anchor. 

The best news is, you get hours and hours of me. The worst news is, you get hours and hours of me.

It's got all the risks and rewards of live broadcasts: "you heard it here first" breaking news, people falling out of chairs, terrifying shark attacks and triumphant escapes from terrifying shark attacks.

What new practices will you learn? What new vulnerabilities will be revealed? What new products will be launched? What new wig will I wear? Who knows?!

Tune in Wednesday and Thursday at 2 p.m. Eastern / 11 a.m. Pacific to find out. Here's the line-up of expert guests (subject to change):

Wednesday, Aug. 5:

2 p.m. ET / 11 a.m. PT

  • Gautam Aggarwal, CMO of Bay Dynamics, to discuss cyber risk predictive analytics
  • Rod Beckstrom, founding Director of the U.S. National Cybersecurity Center and Chairman of the Global Council on the Future of the Internet, to discuss geo-political aspects of cybersecurity
  • Roger Hellman, global marketing manager for security solutions at IBM
  • Cory Scott, director of house security at LinkedIn, to discuss a new Tactical Security Program and the art of "getting things done”
  • Adam Meyers, VP of intelligence for CrowdStrike, to discuss intelligence-driven security
  • Stacey Halota, CISO of Graham Holdings Co., to discuss mobile security

3 p.m. ET / 12 p.m. PT

  • Jeremiah Grossman, founder of WhiteHat Security and member of the Black Hat Review Board, to discuss trends in web security and give a behind-the-scenes look at the Black Hat Briefings selection process
  • Patrick Wardle,  director of research at Synack, to give a rundown about "writing [email protected]$$ malware for OS X"
  • John Dickson, CISSP,  principal of the Denim Group, to provide the attendee's perspective on what's cool at Black Hat
  • Greg Conti, director of the Army Cyber Institute at West Point, Tom Cross, CTO of Drawbridge Networks, and David Raymond, associate professor at West Point -- to discuss smart cities security and their session "Pen Testing a City"
  • Jason Larsen, principal security consultant at IOActive, to discuss physical attacks and smart buildings/cities

4 p.m. ET / 1 p.m. PT

  • Raffael Marty,  founder and CEO of PixlCloud, about using visualization to make log analysis and forensic investigations more efficient and effective
  • Richard Bejtlich, chief security strategist of FireEye and senior fellow of the Brookings Institution, to discuss thinking strategically about digital security
  • Paul Vixie,  CEO of Farsight Security, to discuss how passive DNS can minimize the collateral damage done by law enforcement when they take down organized cybercrime groups
  • Chris Wysopal, co-founder and CTO of Veracode, to talk about application security and vulnerabilities in fundamental components of open-source software and protocols
  • Jim Anderson, president of the Americas, BAE Systems Applied Intelligence, to discuss cyber defense, threat intelligence, and analytics
  • Engin Kirda, chief architect at Lastline, to discuss how most ransomware isn't at complex as you think

Thursday, Aug. 6:

2 p.m. ET / 11 a.m. PT

  • Marion Marschalek, malware reverse engineer on duty for Cyphort, to discuss the peculiarities of nation-state malware research
  • Arian Evans, VP of Product Strategy, RiskIQ, online digital asset inventory, discovery, and security firm
  • Bob Stratton, general partner of MACH37, to identify the hot areas are for security funding and the common mistakes that security startups make
  • Kelly Jackson-Higgins, executive editor of Dark Reading, to give a rundown of the top stories and trends out of Black Hat so far

3 p.m. ET / 12 p.m. PT

  • Shehzad Merchant, CTO Gigamon, network visibility, analytics, and security provider
  • Juan Pablo Perez-Etchegoyen, CTO of Onapsis, to discuss exploiting and defending SAP systems
  • Katie Moussouris, chief policy officer for HackerOne, to discuss how the Wassenaar Arrangement's export control of intrusion software affects the security industry
  • Paul Kurtz, former cybersecurity advisor to the White House, on the importance of information sharing between the public and private sectors, and the impacts of legislation on cybersecurity

4 p.m. ET / 1 p.m. PT

  • Dan Kaminsky, chief scientist and founder of White Ops and keynote speaker of the CISO Summit, to discuss the future of infosec
  • Alexander Matrosov and Oleksandr Bazhaniuk, security researchers for Intel's Advanced Threat Research team, to discuss attacking hypervisors using firmware and hardware
  • Adam Kozy, researcher at CrowdStrike, to discuss China's Great Cannon offensive system
  • Kyle Wilhoit, senior threat researcher at Trend Micro, to break down real attacks against gas pump monitoring systems

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
8/3/2015 | 2:25:14 PM
Excited
Very much looking forward to these topics! The two below in particular:

 

Raffael Marty,  founder and CEO of PixlCloud, about using visualization to make log analysis and forensic investigations more efficient and effective

Adam Kozy, researcher at CrowdStrike, to discuss China's Great Cannon offensive system
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
8/3/2015 | 12:15:44 PM
Re: Not clear how to sign up

@JaniceP928 --There will be a link posted on the home page later this week pointing to the live feed. You'll see it before Wednesday. So stay tuned. And thanks for asking!
JaniceP928
50%
50%
JaniceP928,
User Rank: Apprentice
8/3/2015 | 12:12:29 PM
Not clear how to sign up
From the article it isn't clear how to sign up for the live feed.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15570
PUBLISHED: 2020-07-06
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
CVE-2020-15569
PUBLISHED: 2020-07-06
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.
CVE-2020-7690
PUBLISHED: 2020-07-06
It's possible to inject JavaScript code via the html method.
CVE-2020-7691
PUBLISHED: 2020-07-06
It's possible to use <<script>script> in order to go over the filtering regex.
CVE-2020-15562
PUBLISHED: 2020-07-06
An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in the xmlns (aka XML namespace) attribute of a HEAD element when an SVG element exists.