
	Home > Black Hat Las Vegas 2008: News, podcasts and videos

Special News Coverage:

EMAIL THIS

Black Hat Las Vegas 2008: News, podcasts and videos

29 Jul 2008 | SearchSecurity.com

Digg This!

StumbleUpon

Del.icio.us

Visit the Black Hat USA 2008 Web site

FEATURES

Initial virtualization costs could outweigh benefits
It could be costly for companies to sort out the new governance, oversight and manageability issues being introduced by virtualized environments.

Analysis tool uses Intel virtualization to hide from malware
The Azure tool uses virtualization extensions in Intel chips to give security researchers the upper hand by avoiding detection from malware.

PODCASTS

Nameless Security Podcast: The researcher's-eye view of security
Dino Dai Zovi is the featured guest on the second installment of the Nameless Security Podcast with Dennis Fisher. Dai Zovi is a well-respected researcher whose work on Mac OS X security and virtualization has won him acclaim. He's also the information security officer at a financial service company, and in this podcast he talks about the ways his dual roles intersect, the real problems with virtualization and the highlights of Black Hat 2008.

Security Wire Weekly: Hackers Are People Too
Ashley Schwartau, director of a new documentary Hackers Are People Too, explains the challenges of making a movie about hackers. The documentary looks at the human side of the hacking community. The film debuted at DEFCON 16.

Security Wire Weekly: Kaminsky at Black Hat
Dan Kaminsky gave his Black Hat briefing this week, disclosing full details about the extent of the DNS cache poisoning flaw. Listen to excerpts of his briefing.

Security Squad: Black Hat preview, Pwnie awards
Join the Security Squad for a quick preview of next week's Black Hat briefing in Las Vegas. SearchSecurity.com editors talk about Dan Kaminsky's DNS cache poisoning flaw. The Pwnie award nominees are also reviewed. Which song submission could win? Listen to find out.

Security Wire Weekly: Wireless insecurities
In this special edition of Security Wire Weekly, Karsten Nohl, the security researcher who was part of a team that broke the crypto algorithm in the Mifare Classic RFID-based smart card, talks about his upcoming briefing at the Black Hat briefing in Las Vegas. Nohl, a University of Virgina graduate student talks about how RFID use could improve security in smart cards.

Security Wire Weekly: Infiltrating phishers
Security researchers Billy Rios and Nitesh Dhanjani explain how they infiltrated the phishing underground in a preview of their upcoming Black Hat presentation: "Bad Sushi: Beating Phishers at Their Own Game."

Podcast: Researcher prepares for 'virtualization apocalypse'
Christofer Hoff, chief security architect at Unisys, previews his upcoming Black Hat briefing, "The four horsemen of the virtualization security apocalypse." Hoff says virtualization security could prove to be very costly for companies as they try to sort out the new governance, oversight and manageability issues being introduced by the technology.

TOP STORIES

Researchers use browser to elude Vista memory protections
Black Hat: Two researchers Thursday will demonstrate how to use Java, ActiveX controls and .NET objects to essentially bypass all the key security safeguards in Windows Vista.
MySpace, Facebook ignoring basic principles of security
Social networking websites MySpace and Facebook present a significant security risk to users, largely because their wide-open application programming interfaces (APIs) are a tempting target for malicious hackers.
Hacking techniques compromise Microsoft Vista heap
Black Hat: Ben Hawkes, an independent researcher, demonstrated several scenarios in which Microsoft Vista can be compromised by hackers via its main storage memory.
Vista functionality still wins over security
A researcher renowned for tinkering with Active X controls tossed a pail of ice water today at Black Hat on the security-first marketing associated with Vista.
Positive changes coming to ModSecurity
A big gap in the popular open source Web application firewall is addressed via a new tool called ModProfiler that establishes a baseline of Web application behavior and feeds that intelligence to ModSecurity.
Researchers develop lightweight Cisco IOS rootkit
Building on previous research against IOS, Core Security researchers have theoretically shown the plausibility of an IOS rootkit attack.
Bluetooth 2.1 is easy to crack
Black Hat: A cryptographer for Aladdin Knowledge Systems says Bluetooth version 2.1, designed to be more secure than previous versions, is actually extremely vulnerable to attackers.
Kaminsky: DNS flaw capable of attacks on many fronts
Network security researcher Dan Kaminsky outlined more than a dozen ways the DNS cache poisoning flaw could be exploited by an attacker to wreak havoc on vulnerable systems.
Black Hat buzz grows around Vista exploit briefing
According to sources, a pair of researchers Thursday will reveal new ways in which attackers can bypass Windows Vista security features.
Mozilla to release Firefox threat-modeling data
The Mozilla Foundation's security chief says it will soon publicly release threat-modeling data for the next version of the Firefox Web browser.
Microsoft to revamp patching, add exploitability index
Microsoft plans to give some security vendors early access to vulnerability information prior to the patch release.
Hoffman to demonstrate new hacking techniques
Researcher to demonstrate hacking methods that enable malware authors to shield their programs from analysis.
EV SSL certificates won't stop phishers, researchers say
Two researchers call Extended Validation (EV) SSL certificates a Band-Aid approach, and share their research of the phishing underground.
Valuable lesson emerges from DNS flaw handling
Any effort to prevent others in the legitimate security community from working out the problem is a waste of time.

BROWSE BY TAG
Security Industry Market Trends, Predictions and Forecasts, Information Security Management, Emerging Information Security Threats, VIEW ALL TAGS

Digg This! StumbleUpon Del.icio.us

RELATED CONTENT

Security Industry Market Trends, Predictions and Forecasts

M86 buys Web security gateway vendor Finjan

Information Security Decisions 2009: Presentation downloads

Bruce Schneier on outsourcing, awareness training

Marcus Ranum on cyberwarfare, infosec careers

McAfee survey finds faults in midmarket enterprise security

Email archiving vendor sues Gartner over Magic Quadrant

Information Security magazine October issue PDF

Editor's Desk: Security 7 Winners Chronicle Trends That Shape The Industry

Information Security magazine Security 7 Award winners

Security Squad: Privacy gone awry

Security Industry Market Trends, Predictions and Forecasts Research

Emerging Information Security Threats

Modern malware, stealthy botnets, adapt quickly, expert says

New ransomware Trojan pushes victims to buy software

Bruce Schneier on outsourcing, awareness training

US-CERT warns of BlackBerry snooping software

Marcus Ranum on cyberwarfare, infosec careers

Researchers find thousands of flawed embedded devices

Enterprise botnets contain thousands of malware variants

Nuke and pave to eradicate botnets

Rand study urges caution on cyberwarfare attacks

Hathaway joins Harvard to contribute to DOD project

Search Additional Security Research and Solutions

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy