The schedule for this year’s Black Hat USA was recently released and we finally got a chance to inspect it and figure out what we were most excited to see. Overall there seems to be several interesting hardware (smart meter, routers, firmware, NFC, etc), mobile (iOS, Win7 phone, Android), and newish technologies (HTML5, IPv6, Windows [...]

Events Related: BlackHat / DefCon 18 related posts Highlights from Black Hat and Defcon – readwriteweb.com Here’s our round-up of highlights from the two security events from around the web. Black Hat & DEFCON Observations – bobbydominguez.com Both cons have their own distinct culture and participants, but you’ll see Black Hat attendees stay for the [...]

This is an updated post from last year, with a similar post title of Top 5 Reasons to Attend Black Hat USA. So what makes Black Hat USA so good, and why do we keep coming back? Here are our top five reasons to attend Black Hat USA. Excellent Presentations – There are eight session [...]

Join Black Hat Founder and Director Jeff Moss and several of this year’s USA speakers for a Webcast previewing some of the hottest topics being presented at Black Hat USA 2009. Registered participants of the Webcast will receive a code that can be redeemed for $250 off the price of registration for the USA 2009 [...]

Black Hat USA is over, and I think everyone is still in recovery mode. There were tons of presentations, and here are some posts from various people recapping the event. Once I recover, I will be posting my overall thoughts on the conference as well. Day 1: BlackHat 2008 LiveBlog: Day 1 by Security Monkey [...]

Michael Boman is hosting the Black Hat USA 2008 presentations on his site. Here is a direct link to the Black Hat USA 2008 zip file, with a file size of 198,756,461 bytes, and a MD5 of a5551435ccce85d3fb26b90bc899c080. Thanks Michael!

Here are my notes from the Black Hat USA 2008 presentation called ‘MetaPost Exploitation‘ by Val Smith and Colin Ames. The MetaPost Exploitation slides are now online, as well as demo movies at offensivecomputing.net. If you do any sort of enterprise level penetration testing, you should definitely check it out. Credential Management Wordpad and paper [...]

Yesterday Jeremiah Grossman and Trey Ford from WhiteHat Security gave a very interesting and fun presentation called ‘Get Rich or Die Trying – Making Money on The Web, The Black Hat Way‘. They went over several real world examples of business logic flaws, and in some cases profited (a lot) from those flaws. The Get [...]

Here are my notes from the Black Hat USA 2008 presentation called ‘The Internet is Broken: Beyond Document.Cookie – Extreme Client Side Exploitation‘ by Nathan McFeters, John Heasman, and Rob Carter. GIFAR Hybrid .gif and .jar file .gif header is in the beginning of the file .jar header is in the end of the file [...]

Dan Kaminsky’s Black Hat USA presentation was a bit different than what I was expecting, but it was still very interesting. Instead of going into details on the vulnerability, he spent the majority of time identifying the systems that would break if someone were able to manipulate the DNS system. He basically said that once [...]