Events Related:

BlackHat / DefCon 18 related posts

Highlights from Black Hat and Defcon – readwriteweb.com
Here’s our round-up of highlights from the two security events from around the web.
Black Hat & DEFCON Observations – bobbydominguez.com
Both cons have their own distinct culture and participants, but you’ll see Black Hat attendees stay for the Defcon forums.
Corey’s 2010 Las Vegas [...]

This is an updated post from last year, with a similar post title of Top 5 Reasons to Attend Black Hat USA.
So what makes Black Hat USA so good, and why do we keep coming back? Here are our top five reasons to attend Black Hat USA.

Excellent Presentations – There are eight session [...]

Join Black Hat Founder and Director Jeff Moss and several of this year’s USA speakers for a Webcast previewing some of the hottest topics being presented at Black Hat USA 2009. Registered participants of the Webcast will receive a code that can be redeemed for $250 off the price of registration for the USA 2009 [...]

Black Hat USA is over, and I think everyone is still in recovery mode. There were tons of presentations, and here are some posts from various people recapping the event. Once I recover, I will be posting my overall thoughts on the conference as well.
Day 1:

BlackHat 2008 LiveBlog: Day 1 by Security Monkey
Blogging Blackhat, [...]

Michael Boman is hosting the Black Hat USA 2008 presentations on his site. Here is a direct link to the Black Hat USA 2008 zip file, with a file size of 198,756,461 bytes, and a MD5 of a5551435ccce85d3fb26b90bc899c080. Thanks Michael!

Here are my notes from the Black Hat USA 2008 presentation called ‘MetaPost Exploitation‘ by Val Smith and Colin Ames. The MetaPost Exploitation slides are now online, as well as demo movies at offensivecomputing.net. If you do any sort of enterprise level penetration testing, you should definitely check it out.

Credential Management

Wordpad and paper don’t [...]

Yesterday Jeremiah Grossman and Trey Ford from WhiteHat Security gave a very interesting and fun presentation called ‘Get Rich or Die Trying – Making Money on The Web, The Black Hat Way‘. They went over several real world examples of business logic flaws, and in some cases profited (a lot) from those flaws.
The Get [...]

Here are my notes from the Black Hat USA 2008 presentation called ‘The Internet is Broken: Beyond Document.Cookie – Extreme Client Side Exploitation‘ by Nathan McFeters, John Heasman, and Rob Carter.

GIFAR

Hybrid .gif and .jar file

.gif header is in the beginning of the file
.jar header is in the end of the file

File will still [...]

Dan Kaminsky’s Black Hat USA presentation was a bit different than what I was expecting, but it was still very interesting. Instead of going into details on the vulnerability, he spent the majority of time identifying the systems that would break if someone were able to manipulate the DNS system. He basically said that once [...]

This years’ SWAG bag for Black Hat USA 2008 is pretty cool. Included in the bag is a Moleskine like notebook, Paypal OTP token, Black Hat pen/highlighter, Black Hat sticker and of course all the presentations from the conference. The shoulder bag is actually useable, which is somewhat rare for conference bags. Thanks Black Hat!