
6/28/2013
01:19 PM
Dark Reading
Products and Releases

Black Hat Releases Official Schedule

With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosure

SAN FRANCISCO, CA -- June 28, 2013 – Today, Black Hat, the world's leading family of information security events, announced the official schedule for Black Hat USA 2013. Black Hat is where the world's brightest information security professionals and researchers reveal vulnerabilities that impact everything from popular consumer devices to critical international infrastructure. With 110 unique Briefings and workshops, Black Hat USA boasts nearly 94 hours of high-intensity research and vulnerability disclosures – the most intense schedule in the event's history. Black Hat USA will take place July 27 – August 1, 2013, at Caesars Palace in Las Vegas. For more information and to register, please visit http://www.blackhat.com/us-13/.


Headlining the Briefings are keynote speakers Gen. Keith Alexander, Commander, U.S. Cyber Command/Director, National Security Agency/Chief, Central Security Service (NSA/CSS), and Brian Muirhead, Chief Engineer, NASA's Jet Propulsion Laboratory, and former manager of the Mars Pathfinder Mission. Gen. Alexander, who will take the stage on July 31, will give attendees an insider's look into the U.S. Cyber Command and the interworking of offensive cyber strategy. Mr. Muirhead will present "Take Risk, Don't Fail" on August 1, outlining how the combination of calculated risk taking, the application of well-tested technology and a trusted team of experts yielded both awards in leadership and successes in space exploration.

"The quality of this year's content is both refreshing and intimidating. This year, our Review Board had unprecedented visibility and involvement in content selection, providing a stronger community voice throughout the process," explained Trey Ford, General Manager, Black Hat. "The research is extremely diverse, and privacy continues to be a top-of-mind theme. It is an honor to welcome Gen. Alexander as our day one keynote and we look forward to seeing a glimpse of the world through his unique lens."

Some highlights of Black Hat USA 2013's Briefings include:

· Threats to mobile devices such as injecting malware into Apple's iOS devices with malicious chargers, intercepting traffic and SMS messages through compromised femtocells, cracking BlackBerry's new OS 10, rooting SIM cards and even building a spyphone that can record conversations and send messages without you ever knowing.

· Preventing attacks on critical infrastructure and national security with talks around insider threats at the FBI, energy fraud and orchestrated blackouts, compromising industrial facilities, threats to major oil and gas pipelines and exploiting network surveillance cameras.

· Exposing vulnerabilities within our homes from automation systems such as HVAC and lighting, to other network-controlled devices such as door locks and garage sensors, to hacking some of the most well-known home security systems and even the newest smart TVs.

Returning for its fourth year, Black Hat Arsenal offers researchers and the open source community a venue to demonstrate their recent work live. Running concurrently with the Briefings (July 31 - August 1), all Black Hat USA delegates will have access to the Arsenal's 48 tools and 20 turbo talks, highlighting the latest research of more than 45 of the most esteemed researchers from around the world. Here you will see everything from bypassing a car's security for less than 25 dollars, to analyzing smartphone penetration testing and performing web application security audits.

This year, Black Hat USA has added two additional tracks of content, featuring 11 groupings of workshops, roundtables and groundbreaking presentations by some of the best minds in the industry. Sponsors of Black Hat USA include Diamond Sponsors: Microsoft, Qualys, RSA; Platinum Plus Sponsors: Accuvant LABS, Alien Vault, Cisco, Core Security, LogRhythm, Looking Glass; Platinum Sponsors: Blue Coat, IBM, Lieberman Software, Solera Networks, Symantec and Trustwave.

For more information and to register for Black Hat USA 2013, please visit: http://www.blackhat.com/us-13/.

Connect with Black Hat

Twitter: https://twitter.com/BlackHatEvents - hashtag #BlackHat

Facebook: http://www.facebook.com/blackhat

LinkedIn Group: http://www.linkedin.com/groups?home=&gid=37658

Flickr: http://www.flickr.com/photos/blackhatevents/

About Black Hat

For more than 15 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, and are produced by UBM Tech. More information is available at: http://www.blackhat.com.

About UBM Tech

UBM Tech is a global media business that brings together the world's technology industry through live events and online properties. Its community-focused media and events provide expertly curated content along with user-generated content and peer-to-peer engagement opportunities through its proprietary, award-winning DeusM community platform. UBM Tech's brands include EE Times, Interop, Black Hat, InformationWeek, Game Developer Conference, CRN, and DesignCon. The company's products include research, education, training, and data services that accelerate decision making for technology buyers. UBM Tech also offers a full range of marketing services based on its content and technology market expertise, including custom events, content marketing solutions, community development and demand generation programs. UBM Tech is a part of UBM (UBM.L), a global provider of media and information services with a market capitalization of more than $2.5 billion.
