Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

8/3/2015
08:01 AM
Sara Peters
Sara Peters
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Dark Reading News Desk Comes To You Live From Black Hat

Live video coverage from Las Vegas Wednesday and Thursday

It's one of the busiest weeks in the infosec year. The Black Hat USA conference in Las Vegas is, and has always been, full of security researchers announcing and showing proof-of-concept demos of entirely new classes of attacks and vulnerabilities.

It's grown to include extensive training courses and now a CISO Summit featuring Dark Reading's own Tim Wilson and Kelly Jackson-Higgins. It's too much for any one person to see.

Dark Reading is here to help you through it. In addition to our usual coverage, we have a new offering: the Dark Reading News Desk -- three hours of live video interviews with Black Hat speakers and sponsors both Wednesday and Thursday, live from the show, with yours truly as your anchor. 

The best news is, you get hours and hours of me. The worst news is, you get hours and hours of me.

It's got all the risks and rewards of live broadcasts: "you heard it here first" breaking news, people falling out of chairs, terrifying shark attacks and triumphant escapes from terrifying shark attacks.

What new practices will you learn? What new vulnerabilities will be revealed? What new products will be launched? What new wig will I wear? Who knows?!

Tune in Wednesday and Thursday at 2 p.m. Eastern / 11 a.m. Pacific to find out. Here's the line-up of expert guests (subject to change):

Wednesday, Aug. 5:

2 p.m. ET / 11 a.m. PT

  • Gautam Aggarwal, CMO of Bay Dynamics, to discuss cyber risk predictive analytics
  • Rod Beckstrom, founding Director of the U.S. National Cybersecurity Center and Chairman of the Global Council on the Future of the Internet, to discuss geo-political aspects of cybersecurity
  • Roger Hellman, global marketing manager for security solutions at IBM
  • Cory Scott, director of house security at LinkedIn, to discuss a new Tactical Security Program and the art of "getting things done”
  • Adam Meyers, VP of intelligence for CrowdStrike, to discuss intelligence-driven security
  • Stacey Halota, CISO of Graham Holdings Co., to discuss mobile security

3 p.m. ET / 12 p.m. PT

  • Jeremiah Grossman, founder of WhiteHat Security and member of the Black Hat Review Board, to discuss trends in web security and give a behind-the-scenes look at the Black Hat Briefings selection process
  • Patrick Wardle,  director of research at Synack, to give a rundown about "writing [email protected]$$ malware for OS X"
  • John Dickson, CISSP,  principal of the Denim Group, to provide the attendee's perspective on what's cool at Black Hat
  • Greg Conti, director of the Army Cyber Institute at West Point, Tom Cross, CTO of Drawbridge Networks, and David Raymond, associate professor at West Point -- to discuss smart cities security and their session "Pen Testing a City"
  • Jason Larsen, principal security consultant at IOActive, to discuss physical attacks and smart buildings/cities

4 p.m. ET / 1 p.m. PT

  • Raffael Marty,  founder and CEO of PixlCloud, about using visualization to make log analysis and forensic investigations more efficient and effective
  • Richard Bejtlich, chief security strategist of FireEye and senior fellow of the Brookings Institution, to discuss thinking strategically about digital security
  • Paul Vixie,  CEO of Farsight Security, to discuss how passive DNS can minimize the collateral damage done by law enforcement when they take down organized cybercrime groups
  • Chris Wysopal, co-founder and CTO of Veracode, to talk about application security and vulnerabilities in fundamental components of open-source software and protocols
  • Jim Anderson, president of the Americas, BAE Systems Applied Intelligence, to discuss cyber defense, threat intelligence, and analytics
  • Engin Kirda, chief architect at Lastline, to discuss how most ransomware isn't at complex as you think

Thursday, Aug. 6:

2 p.m. ET / 11 a.m. PT

  • Marion Marschalek, malware reverse engineer on duty for Cyphort, to discuss the peculiarities of nation-state malware research
  • Arian Evans, VP of Product Strategy, RiskIQ, online digital asset inventory, discovery, and security firm
  • Bob Stratton, general partner of MACH37, to identify the hot areas are for security funding and the common mistakes that security startups make
  • Kelly Jackson-Higgins, executive editor of Dark Reading, to give a rundown of the top stories and trends out of Black Hat so far

3 p.m. ET / 12 p.m. PT

  • Shehzad Merchant, CTO Gigamon, network visibility, analytics, and security provider
  • Juan Pablo Perez-Etchegoyen, CTO of Onapsis, to discuss exploiting and defending SAP systems
  • Katie Moussouris, chief policy officer for HackerOne, to discuss how the Wassenaar Arrangement's export control of intrusion software affects the security industry
  • Paul Kurtz, former cybersecurity advisor to the White House, on the importance of information sharing between the public and private sectors, and the impacts of legislation on cybersecurity

4 p.m. ET / 1 p.m. PT

  • Dan Kaminsky, chief scientist and founder of White Ops and keynote speaker of the CISO Summit, to discuss the future of infosec
  • Alexander Matrosov and Oleksandr Bazhaniuk, security researchers for Intel's Advanced Threat Research team, to discuss attacking hypervisors using firmware and hardware
  • Adam Kozy, researcher at CrowdStrike, to discuss China's Great Cannon offensive system
  • Kyle Wilhoit, senior threat researcher at Trend Micro, to break down real attacks against gas pump monitoring systems

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
8/3/2015 | 2:25:14 PM
Excited
Very much looking forward to these topics! The two below in particular:

 

Raffael Marty,  founder and CEO of PixlCloud, about using visualization to make log analysis and forensic investigations more efficient and effective

Adam Kozy, researcher at CrowdStrike, to discuss China's Great Cannon offensive system
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
8/3/2015 | 12:15:44 PM
Re: Not clear how to sign up

@JaniceP928 --There will be a link posted on the home page later this week pointing to the live feed. You'll see it before Wednesday. So stay tuned. And thanks for asking!
JaniceP928
50%
50%
JaniceP928,
User Rank: Apprentice
8/3/2015 | 12:12:29 PM
Not clear how to sign up
From the article it isn't clear how to sign up for the live feed.
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-16632
PUBLISHED: 2021-05-15
A XSS Vulnerability in /uploads/dede/action_search.php in DedeCMS V5.7 SP2 allows an authenticated user to execute remote arbitrary code via the keyword parameter.
CVE-2021-32073
PUBLISHED: 2021-05-15
DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution.
CVE-2021-33033
PUBLISHED: 2021-05-14
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
CVE-2021-33034
PUBLISHED: 2021-05-14
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
CVE-2019-25044
PUBLISHED: 2021-05-14
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.