
	Home > Black Hat Las Vegas 2008: News, podcasts and videos

Special News Coverage:

EMAIL THIS

Black Hat Las Vegas 2008: News, podcasts and videos

29 Jul 2008 | SearchSecurity.com

Digg This!

StumbleUpon

Del.icio.us

Visit the Black Hat USA 2008 Web site

FEATURES

Initial virtualization costs could outweigh benefits
It could be costly for companies to sort out the new governance, oversight and manageability issues being introduced by virtualized environments.

Analysis tool uses Intel virtualization to hide from malware
The Azure tool uses virtualization extensions in Intel chips to give security researchers the upper hand by avoiding detection from malware.

PODCASTS

Nameless Security Podcast: The researcher's-eye view of security
Dino Dai Zovi is the featured guest on the second installment of the Nameless Security Podcast with Dennis Fisher. Dai Zovi is a well-respected researcher whose work on Mac OS X security and virtualization has won him acclaim. He's also the information security officer at a financial service company, and in this podcast he talks about the ways his dual roles intersect, the real problems with virtualization and the highlights of Black Hat 2008.

Security Wire Weekly: Hackers Are People Too
Ashley Schwartau, director of a new documentary Hackers Are People Too, explains the challenges of making a movie about hackers. The documentary looks at the human side of the hacking community. The film debuted at DEFCON 16.

Security Wire Weekly: Kaminsky at Black Hat
Dan Kaminsky gave his Black Hat briefing this week, disclosing full details about the extent of the DNS cache poisoning flaw. Listen to excerpts of his briefing.

Security Squad: Black Hat preview, Pwnie awards
Join the Security Squad for a quick preview of next week's Black Hat briefing in Las Vegas. SearchSecurity.com editors talk about Dan Kaminsky's DNS cache poisoning flaw. The Pwnie award nominees are also reviewed. Which song submission could win? Listen to find out.

Security Wire Weekly: Wireless insecurities
In this special edition of Security Wire Weekly, Karsten Nohl, the security researcher who was part of a team that broke the crypto algorithm in the Mifare Classic RFID-based smart card, talks about his upcoming briefing at the Black Hat briefing in Las Vegas. Nohl, a University of Virgina graduate student talks about how RFID use could improve security in smart cards.

Security Wire Weekly: Infiltrating phishers
Security researchers Billy Rios and Nitesh Dhanjani explain how they infiltrated the phishing underground in a preview of their upcoming Black Hat presentation: "Bad Sushi: Beating Phishers at Their Own Game."

Podcast: Researcher prepares for 'virtualization apocalypse'
Christofer Hoff, chief security architect at Unisys, previews his upcoming Black Hat briefing, "The four horsemen of the virtualization security apocalypse." Hoff says virtualization security could prove to be very costly for companies as they try to sort out the new governance, oversight and manageability issues being introduced by the technology.

TOP STORIES

Researchers use browser to elude Vista memory protections
Black Hat: Two researchers Thursday will demonstrate how to use Java, ActiveX controls and .NET objects to essentially bypass all the key security safeguards in Windows Vista.
MySpace, Facebook ignoring basic principles of security
Social networking websites MySpace and Facebook present a significant security risk to users, largely because their wide-open application programming interfaces (APIs) are a tempting target for malicious hackers.
Hacking techniques compromise Microsoft Vista heap
Black Hat: Ben Hawkes, an independent researcher, demonstrated several scenarios in which Microsoft Vista can be compromised by hackers via its main storage memory.
Vista functionality still wins over security
A researcher renowned for tinkering with Active X controls tossed a pail of ice water today at Black Hat on the security-first marketing associated with Vista.
Positive changes coming to ModSecurity
A big gap in the popular open source Web application firewall is addressed via a new tool called ModProfiler that establishes a baseline of Web application behavior and feeds that intelligence to ModSecurity.
Researchers develop lightweight Cisco IOS rootkit
Building on previous research against IOS, Core Security researchers have theoretically shown the plausibility of an IOS rootkit attack.
Bluetooth 2.1 is easy to crack
Black Hat: A cryptographer for Aladdin Knowledge Systems says Bluetooth version 2.1, designed to be more secure than previous versions, is actually extremely vulnerable to attackers.
Kaminsky: DNS flaw capable of attacks on many fronts
Network security researcher Dan Kaminsky outlined more than a dozen ways the DNS cache poisoning flaw could be exploited by an attacker to wreak havoc on vulnerable systems.
Black Hat buzz grows around Vista exploit briefing
According to sources, a pair of researchers Thursday will reveal new ways in which attackers can bypass Windows Vista security features.
Mozilla to release Firefox threat-modeling data
The Mozilla Foundation's security chief says it will soon publicly release threat-modeling data for the next version of the Firefox Web browser.
Microsoft to revamp patching, add exploitability index
Microsoft plans to give some security vendors early access to vulnerability information prior to the patch release.
Hoffman to demonstrate new hacking techniques
Researcher to demonstrate hacking methods that enable malware authors to shield their programs from analysis.
EV SSL certificates won't stop phishers, researchers say
Two researchers call Extended Validation (EV) SSL certificates a Band-Aid approach, and share their research of the phishing underground.
Valuable lesson emerges from DNS flaw handling
Any effort to prevent others in the legitimate security community from working out the problem is a waste of time.

BROWSE BY TAG
Security Industry Market Trends, Predictions and Forecasts, Information Security Management, Information Security Threats, Emerging Information Security Threats, VIEW ALL TAGS

Digg This! StumbleUpon Del.icio.us

RELATED CONTENT

Security Industry Market Trends, Predictions and Forecasts

Cybersecurity czar candidate questions clout of new position

Gartner sees better days ahead for security budgets

Sophos CEO on Symantec, McAfee after Utimaco acquisition

WH cybersecurity plan needs private sector guidance

Obama announces creation of cybersecurity coordinator position

Security budgets take hit in media, tech industry, survey finds

Cybersecurity Act of 2009: Power grab, or necessary step?

Opinion: Gartner gets NAC wrong, again

Cloud computing security group releases report outlining trouble areas

White House cybersecurity advisor calls for public-private cooperation

Security Industry Market Trends, Predictions and Forecasts Research

Emerging Information Security Threats

New attack code targets Microsoft DirectShow zero-day vulnerability

Adobe ColdFusion websites being compromised

Antispyware buying guide for Indian enterprises

ATM malware lets attackers take over machines

FTC shutters rogue ISP for hosting malicious content, botnets

The failing war against cybercriminals

White House cybersecurity czar faces major hurdles

Cybercrime and threat management

The Pipe Dream of No More Free Bugs

Face-off: Who should be in charge of cybersecurity?

Search Additional Security Research and Solutions
Find Security Channel Research for Resellers and Partners

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy