Vulnerabilities / Threats

9/30/2016
09:00 AM
Sean Martin
Sean Martin
Slideshows
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

10 Hottest Sessions At Black Hat Europe 2016

A sneak-peek at some of the more intriguing Briefings at the upcoming conference in London.
Previous
1 of 6
Next

The Black Hat Europe 2016 Conference kicks off November 1 in London.

The Briefings section -- where researchers present new findings and insights -- includes topics from critical infrastructure and Internet of things (IoT) security; human factors in security; vulnerabilities targeting multiple platforms, operating systems, and devices; and the latest in automation and orchestration in detection and response.

Here are 10 hot sessions that must not be missed, with two from each category:

  • Overall
  • AppSec
  • Internet of Things & Smart Grid
  • Mobility
  • Human Factors

 

Sean Martin is an information security veteran of nearly 25 years and a four-term CISSP with articles published globally covering security management, cloud computing, enterprise mobility, governance, risk, and compliance—with a focus on specialized industries such as ... View Full Bio

Previous
1 of 6
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
9/30/2016 | 9:35:57 AM
Oauth2
If there has been an exploit being performed in the wild against oauth this could require rapid patching and changes set to occur for many SSO providers.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
9/30/2016 | 9:30:54 AM
Automating IR
Interesting, curious as to what open source IR utilities they intend to leverage.
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Australian Teen Hacked Apple Network
Dark Reading Staff 8/17/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15504
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
CVE-2018-15505
PUBLISHED: 2018-08-18
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 a...
CVE-2018-15492
PUBLISHED: 2018-08-18
A vulnerability in the lservnt.exe component of Sentinel License Manager version 8.5.3.35 (fixed in 8.5.3.2403) causes UDP amplification.
CVE-2018-15494
PUBLISHED: 2018-08-18
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
CVE-2018-15495
PUBLISHED: 2018-08-18
/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, as demonstrated by a file:///etc/passwd value.