A round-up of articles leading up to and live coverage from Black Hat USA 2010, July 24 to 29, Las Vegas

Dark Reading Staff, Dark Reading

July 23, 2010

>> Building Botnets For Fun And Profit
Creating a botnet business can be lucrative -- and isn't as hard as you might think, Black Hat speaker says

>> Ghost In The Machine: Database Weaknesses Expose SAP Deployments
Attacker can create a nearly undetectable user account in SAP once he gains unauthorized access, Black Hat USA researcher says

>> Researcher Reads RFID Tag From Hundreds Of Feet Away
Demonstration raises privacy and security concerns with RFID EPC Class 1 Generation 2 used in some passport cards, inventory tags, and driver's licenses

>> Metasploit To Get More Powerful Web Attack Features
Rapid7 sponsors open-source w3af Web assessment and exploit project

>> Design Flaws Make All Browsers Vulnerable, Black Hat Speaker Says
In series of hacks, researcher demonstrates inherent flaws in currently used browsers

>> Most SSL Sites Poorly Configured
Half of all SSL servers run older, insecure version of SSL; attacks against HTTPS browser sessions detailed at Black Hat

>> Former NSA, CIA Director Says Intelligence-Gathering Isn't Cyberwar
Efforts to crack U.S. cyberdefenses are standard operating procedure, Hayden tells Black Hat audience

>> New Tool Allows Websites To Keep Serving Pages After Infection
"Mod_antimalware" strips out malware instead of blocking infected pages, Black Hat presenter says

>> Adobe Joins Microsoft's Advance-Alert Program For Security Vendors
Microsoft's MAPP program will now include advance information on Adobe product vulnerabilities

>> Malware Authors Leave Their Fingerprints On Their Work, Black Hat Researcher Says
Careful study of malware can help experts recognize its source and protect against it

>> ATMs At Risk, Researcher Warns At Black Hat
Barnaby Jack demonstrates remote and local exploits that work on popular bank machines

>> Researcher Exposes Massive Automated Check Counterfeiting Operation Out of Russia
'Big Boss' operation used VPN-tunneling botnet, Zeus Trojan, database-hacking, and money mules to help print and cash phony checks

>> 'App Genome Project' Exposes Potential Smartphone Risks
Researchers from Lookout will present their findings thus far in study of freebie Android, iPhone apps

>> Security Pros Feel Underpaid, But In Some Cases Would Take A Pay Cut
New survey shows value IT security professionals place on job security, training, quality of life; authors to discuss career issues at Black Hat

>> Researcher Says Home Routers Are Vulnerable
Black Hat presentation will demonstrate hacks that could work on many existing routers

>> Researcher 'Fingerprints' The Bad Guys Behind The Malware
Black Hat USA researcher will demonstrate how to find clues to help ID actual attackers, plans to release free fingerprinting tool

>> 'Robin Sage' Profile Duped Military Intelligence, IT Security Pros
Social networking experiment of phony female military intelligence profile fooled even the most security-savvy on LinkedIn, Facebook, Twitter -- and also led to the leakage of sensitive military information

>> 'BlindElephant' To ID Outdated Or Unknown Web Apps, Plug-Ins
New freebie tool fingerprints out-of-date apps

>> SAP, Other ERP Applications At Risk Of Targeted Attacks
Black Hat Europe researcher demonstrates techniques for inserting 'backdoors' into popular enterprise resource planning apps that aren't properly secured

>> New Hack Pinpoints Cell Phone User's Location, Personal And Business Relationships
Researchers demonstrate a technique that exploits the cell phone infrastructure to compromise cell user's privacy
