Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings USA 2007 was held August 1-3 in Las Vegas at Caesars Palace. Two days, sixteen tracks, over 95 presentations. Three keynote speakers: Richard Clarke, Tony Sager and Bruce Schneier. A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-07/bh-usa-07-index.html Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and ...
…
continue reading
Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings USA 2007 was held August 1-3 in Las Vegas at Caesars Palace. Two days, sixteen tracks, over 95 presentations. Three keynote speakers: Richard Clarke, Tony Sager and Bruce Schneier. A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-07/bh-usa-07-index.html Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and ...
…
continue reading
1
Gadi Evron: Estonia: Information Warfare and Strategic Lessons
1:13:39
1:13:39
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:13:39
In this talk we will discuss what is now referred to as "The 'first' Internet War" where Estonia was under massive online attacks for a period of three weeks, following tensions with the local Russian population. Following a riot in the streets of Tallinn, an online assault begun, resulting in a large-scale coordination of the Estonian defenses on …
…
continue reading
1
Gadi Evron: Estonia: Information Warfare and Strategic Lessons
1:13:39
1:13:39
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:13:39
In this talk we will discuss what is now referred to as "The 'first' Internet War" where Estonia was under massive online attacks for a period of three weeks, following tensions with the local Russian population. Following a riot in the streets of Tallinn, an online assault begun, resulting in a large-scale coordination of the Estonian defenses on …
…
continue reading
1
HD Moore & Valsmith: Tactical Exploitation-Part 2
1:12:12
1:12:12
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:12:12
Penetration testing often focuses on individual vulnerabilities and services. This talk introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using combination of new tools and obscure techniques, I will walk through the process of compromising an organization without the use of normal exploit code. Many of the tool…
…
continue reading
1
HD Moore & Valsmith: Tactical Exploitation-Part 2
1:12:12
1:12:12
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:12:12
Penetration testing often focuses on individual vulnerabilities and services. This talk introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using combination of new tools and obscure techniques, I will walk through the process of compromising an organization without the use of normal exploit code. Many of the tool…
…
continue reading
1
Justin N. Ferguson: Understanding the Heap by Breaking It: A Case Study of the Heap as a Persistent Data Structure Through Non-traditional Exploitation Techniques
47:13
47:13
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
47:13
Traditional exploitation techniques of overwriting heap metadata has been discussed ad-nauseum, however due to this common perspective the flexibility in abuse of the heap is commonly overlooked. This presentation examines a flaw that was found in several popular open-source applications including mod_auth_kerb (Apache Kerberos Authentication), Sam…
…
continue reading
1
Ben Feinstein & Daniel Peck: CaffeineMonkey: Automated Collection, Detection and Analysis of Malicious JavaScript
1:00:18
1:00:18
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:00:18
The web browser is ever increasing in its importance to many organizations. Far from its origin as an application for fetching and rendering HTML, today?s web browser offers an expansive attack surface to exploit. All the major browsers now include full-featured runtime engines for a variety of interpreted scripting languages, including the popular…
…
continue reading
1
Kevvie Fowler: SQL Server Database Forensics
1:04:22
1:04:22
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:04:22
Databases are the single most valuable asset a business owns. Databases store and process critical healthcare, financial and corporate data, yet businesses place very little focus on securing and logging the underlying database transactions. As well, in an effort to trim costs, many organizations are consolidating several databases on to single mis…
…
continue reading
1
Kenneth Geers: Greetz from Room 101
1:05:17
1:05:17
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:05:17
Imagine you are king for a day. Enemies are all around you, and they seem to be using the Internet to plot against you. Using real-world cyber war stories from the most tightly controlled nations on Earth, Greetz from Room 101 puts you in the shoes of a king who must defend the royal palace against cyber-equipped revolutionaries. Can a monarch buy …
…
continue reading
1
Jennifer Granick: Disclosure and Intellectual Property Law: Case Studies
1:13:44
1:13:44
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:13:44
The simple decision by a researcher to tell what he or she has discovered about a software product or website can be very complicated both legally and ethically. The applicable legal rules are complicated, there isn?t necessarily any precedent, and what rules there are may be in flux. In this presentation, I will use Cisco and ISS's lawsuit against…
…
continue reading
1
Jeremiah Grossman & Robert Hansen: Hacking Intranet Websites from the Outside (Take 2) - "Fun with and without JavaScript malware
54:40
54:40
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
54:40
Attacks always get better, never worse. The malicious capabilities of Cross-Site Scripting (XSS) and Cross-Site Request Forgeries (CSRF), coupled with JavaScript malware payloads, exploded in 2006. Intranet Hacking from the Outside, Browser Port Scanning, Browser History Stealing, Blind Web Server Fingerprinting, and dozens of other bleeding-edge a…
…
continue reading
1
Nick Harbour: Stealth Secrets of the Malware Ninjas
53:15
53:15
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
53:15
It is important for the security professional to understand the techniques used by those they hope to defend against. This presentation focuses on the anti-forensic techniques which malware authors incorporate into their malicious code, as opposed to relying solely on an external rootkit. In addition to describing a number of known but scarcely doc…
…
continue reading
1
John Heasman: Hacking the extensible Firmware Interface
52:09
52:09
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
52:09
Macs use an ultra-modern industry standard technology called EFI to handle booting. Sadly, Windows XP, and even Vista, are stuck in the 1980s with old-fashioned BIOS. But with Boot Camp, the Mac can operate smoothly in both centuries." - Quote taken from http://www.apple.com/macosx/bootcamp/ The Extensible Firmware Interface (EFI) has long been tou…
…
continue reading
1
Brad Hill: Attacking Web Service Securty: Message....
1:10:53
1:10:53
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:10:53
Web Services are becoming commonplace as the foundation of both internal Service Oriented Architectures and B2B connectivity, and XML is the world's most successful and widely deployed data format. This presentation will take a critical look at the technologies used to secure these systems and the emerging attention to "message-oriented" security. …
…
continue reading
1
Jim Hoagland: Vista Network Attack Surface Analysis and Teredo Security Implications
54:59
54:59
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
54:59
This talk will present the results of a broad analysis performed on the network-facing components of the release (RTM) version of Microsoft Windows Vista, as well as the results of study of the security implications of the related Teredo protocol. Windows Vista features a rewritten network stack, which introduces a number of core behavior changes. …
…
continue reading
1
Greg Hoglund: Active Reversing: The Next Generation of Reverse Engineering
1:06:23
1:06:23
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:06:23
Most people think of reverse engineering as a tedious process of reading disassembled CPU instructions and attempting to predict or deduce what the original 'c' code was supposed to look like. This process is difficult, time consuming, and expensive, but it doesn't need to be. Software programs can be made to reverse engineer themselves. Software, …
…
continue reading
1
Mikko Hypponen: Status of Cell Phone Malware in 2007
1:08:35
1:08:35
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:08:35
First real viruses infecting mobile phones were found during late 2004. Since then, hundreds of different viruses have been found, most of them targeting smartphones running the Symbian operating system. Mobile phone viruses use new spreading vectors such as Multimedia messages and Bluetooth. Why is this mostly a Symbian problem? Why hasn't Windows…
…
continue reading
1
Krishna Kurapati: Vulnerabilities in Wi-Fi/Dual-Mode VoIP Phones
1:10:32
1:10:32
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:10:32
Dual-mode phones are used to automatically switch between WiFi and cellular networks thus providing lower costs, improved connectivity and a rich set of converged services utilizing protocols like SIP. Among several other VoIP products and services, Sipera VIPER Lab conducted vulnerability assessment on a sample group of dual-mode/Wi-Fi phones and …
…
continue reading
1
Jon Callas: Traffic Analysis -- The Most Powerful and Least Understood Attack Methods
51:51
51:51
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
51:51
Traffic analysis is gathering information about parties not by analyzing the content of their communications, but through the metadata of those communications. It is not a single technique, but a family of techniques that are powerful and hard to defend against. Traffic analysis is also one of the least studied and least well understood techniques …
…
continue reading
1
Dan Kaminsky: Black Ops 2007: Design Reviewing The Web
55:14
55:14
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
55:14
Design bugs are really difficult to fix -- nobody ever takes a dependency on a buffer overflow, after all. Few things have had their design stretched as far as the web; as such, I've been starting to take a look at some interesting aspects of the "Web 2.0" craze. Here's a few things I've been looking at: Slirpie: VPN'ing into Protected Networks Wit…
…
continue reading
1
Dr. Neal Krawetz: A Picture's Worth...
48:37
48:37
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
48:37
Digital cameras and video software have made it easier than ever to create high quality pictures and movies. Services such as MySpace, Google Video, and Flickr make it trivial to distribute pictures, and many are picked up by the mass media. However, there is a problem: how can you tell if a video or picture is showing something real? Is it compute…
…
continue reading
1
Adam Laurie: RFIDIOts!!!- Practical RFID Hacking (Without Soldering Irons or Patent Attorneys)
1:13:07
1:13:07
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:13:07
RFID is being embedded in everything...From Passports to Pants. Door Keys to Credit Cards. Mobile Phones to Trash Cans. Pets to People even! For some reason these devices have become the solution to every new problem, and we can't seem to get enough of them...Oleh feedback@blackhat.com (Black Hat RSS Feed)
…
continue reading
1
Dr. Andrew Lindell: Anonymous Authentication-Preserving Your Privacy Online
1:02:26
1:02:26
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:02:26
Our right to privacy is under attack today. Actually, no one denies our right to privacy. However, in reality, this right is being eroded more and more as every minute passes. Some of this has to do with the war on terror, but much of it simply has to do with the fact that our online actions can and are being recorded in minute detail. In this pres…
…
continue reading
1
David Litchfield: Database Forensics
1:03:44
1:03:44
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:03:44
Since the state of California passed the Database Security Breach Notification Act (SB 1386) in 2003 another 34 states have passed similar legislation with more set to follow. In January 2007 TJX announced they had suffered a database security breach with 45.6 million credits card details stolen - the largest known breach so far. In 2006 there were…
…
continue reading
1
David Maynor & Robert Graham: Simple Solutions to Complex Problems from the Lazy Hacker?s Handbook: What Your Security Vendor Doesn?t Want You to Know .
50:31
50:31
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
50:31
Security is very hard these days: lots of new attack vectors, lots of new acronyms, compliance issues, and the old problems aren?t fading away like predicted. What?s a security person to do? Take a lesson from your adversary... Hackers are famous for being lazy -- that?s why they?re hackers instead of productive members of society. They want to fin…
…
continue reading
1
Haroon Meer & Marco Slaviero: It's all about the timing
1:13:22
1:13:22
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:13:22
It's all about the timing... Timing attacks have been exploited in the wild for ages, with the famous TENEX memory paging timing attack dating back to January of 1972. In recent times timing attacks have largely been relegated to use only by cryptographers and cryptanalysts. In this presentation SensePost analysts will show that timing attacks are …
…
continue reading
1
Luis Miras: Other Wireless: New ways of being Pwned
1:02:59
1:02:59
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:02:59
There are many other wireless devices besides Wifi and Bluetooth. This talk examines the security of some of these devices, including wireless keyboards, mice, and presenters. Many of these devices are designed to be as cost effective as possible. These cost reductions directly impact their security. Examples of chip level sniffing will be shown as…
…
continue reading
1
Brian Chess, Jacob West, Sean Fay & Toshinari Kureha: Iron Chef Blackhat
57:41
57:41
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
57:41
Get ready for the code to fly as two masters compete to discover as many security vulnerabilities in a single application as possible. In the spirit of the Food Network?s cult favorite show, Iron Chef, our Chairman will reveal the surprise ingredient (the code), and then let the challenger and the ?Iron Hacker? face off in a frenetic security battl…
…
continue reading
1
Tony Sager: KEYNOTE: The NSA Information Assurance Directorate and the National Security Community
46:15
46:15
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
46:15
The Information Assurance Directorate (IAD) within the National Security Agency (NSA) is charged in part with providing security guidance to the national security community. Within the IAD, the Vulnerability Analysis and Operations (VAO) Group identifies and analyzes vulnerabilities found in the technology, information, and operations of the Depart…
…
continue reading
1
Bruce Schneier: KEYNOTE: The Psychology of Security
49:21
49:21
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
49:21
Security is both a feeling and a reality. You can feel secure without actually being secure, and you can be secure even though you don't feel secure. In the industry, we tend to discount the feeling in favor of the reality, but the difference between the two is important. It explains why we have so much security theater that doesn't work, and why s…
…
continue reading
1
Jonathan Afek: Dangling Pointer
1:06:58
1:06:58
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:06:58
A Dangling Pointer is a well known security flaw in many applications. When a developer writes an application, he/she usually uses pointers to many data objects. In some scenarios, the developer may accidentally use a pointer to an invalid object. In such a case, the application will enter an unintended execution flow which could lead to an applica…
…
continue reading
1
Pedram Amini & Aaron Portnoy: Fuzzing Sucks! (or Fuzz it Like you Mean it!)
1:13:03
1:13:03
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:13:03
Face it, fuzzing sucks. Even the most expensive commercial fuzzing suites leave much to be desired by way of automation. Perhaps the reason for this is that even the most rudimentary fuzzers are surprisingly effective. None the less, if you are serious about fuzz testing in as much a scientific process as possible than you have no doubt been disapp…
…
continue reading
1
Brandon Baker: Kick Ass Hypervisoring: Windows Server Virtualization
59:03
59:03
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
59:03
Virtualization is changing how operating systems function and how enterprises manage data centers. Windows Server Virtualization, a component of Windows Server 2008, will introduce new virtualization capabilities to the Windows operating system. This talk will focus on security model of the system, with emphasis on design choices and deployment con…
…
continue reading
1
Andrea Barisani & Daniele Bianco: Injecting RDS-TMC Traffic Information Signals a.k.a. How to freak out your Satellite Navigation.
1:06:47
1:06:47
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:06:47
RDS-TMC is a standard based on RDS (Radio Data System) for communicating over FM radio Traffic Information for Satellite Navigation Systems. All modern in-car Satellite Navigation systems sold in Europe use RDS-TMC to receive broadcasts containing up to date information about traffic conditions such as queues and accidents and provide detours in ca…
…
continue reading
1
Rohyt Belani & Keith Jones: Smoke 'em Out!
1:20:42
1:20:42
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:20:42
Tracing a malicious insider is hard; proving their guilt even harder. In this talk, we will discuss the challenges faced by digital investigators in solving electronic crime committed by knowledgeable insiders. These challenges will be presented in light of three real world investigations conducted by the presenters. The focus of this talk will on …
…
continue reading
1
Yoriy Bolygin: Remote and Local Exploitation of Network Drivers
1:14:40
1:14:40
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:14:40
During 2006 vulnerabilities in wireless LAN drivers gained an increasing attention in security community. One can explain this by the fact that any hacker can take control over every vulnerable laptop of entire enterprise without any "visible" connection with those laptops and execute a malicious code in kernel. This work describes the process behi…
…
continue reading
1
Damiano Bolzoni & Emmanuel Zambon: Sphinx: an anomaly-based Web Intrusion Detection System
1:03:39
1:03:39
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:03:39
We present Sphinx, a new fully anomaly-based Web Intrusion Detection Systems (WIDS). Sphinx has been implemented as an Apache module (like ModSecurity, the most deployed Web Application Firewall), therefore can deal with SSL and POST data. Our system uses different techniques at the same time to improve detection and false positive rates. Being ano…
…
continue reading
1
Jamie Butler & Kris Kendall: Blackout: What Really Happened...
1:10:25
1:10:25
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:10:25
Malicious software authors use code injection techniques to avoid detection, bypass host-level security controls, thwart the efforts of human analysts, and make traditional memory forensics ineffective. Often a forensic examiner or incident response analyst may not know the weaknesses of the tools they are using or the advantage the attacker has ov…
…
continue reading
1
David Byrne: Intranet Invasion With Anti-DNS Pinning
53:54
53:54
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
53:54
Cross Site Scripting has received much attention over the last several years, although some of its more ominous implications have not received much attention. Anti-DNS pinning is a relatively new threat that, while not well understood by most security professionals, is far from theoretical. This presentation will focus on a live demonstration of an…
…
continue reading
1
Stephan Chenette & Moti Joseph: Defeating Web Browser Heap Spray Attacks
35:27
35:27
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
35:27
In 2007 black hat Europe a talk was given titled: "Heap Feng Shui in JavaScript" That presentation introduced a new technique for precise manipulation of the browser heap layout using specific sequences of JavaScript allocations. This allowed an attacker to set up the heap in any desired state and exploit difficult heap corruption vulnerabilities w…
…
continue reading
1
Richard A. Clarke: KEYNOTE: A Story About Digital Security in 2017
44:50
44:50
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
44:50
To those who seek truth through science, even when the powerful try to suppress it. Richard A. Clarke is a former U.S. government official who specialized in intelligence, cyber security and counter-terrorism. Until his retirement in January 2003, Mr. Clarke was a member of the Senior Executive Service. He served as an advisor to four U.S. presiden…
…
continue reading
1
Jim Christy: Meet the Feds
1:13:48
1:13:48
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:13:48
Discussion of the power of Digital Forensics today and the real-world challenges. Also discuss the Defense Cyber Crime Center (DC3) and the triad of organizations that comprise DC3; The Defense Computer Forensics Lab, the Defense Cyber Crime Institute, and the Defense Cyber Investigations Training Academy. The evolving discipline of cyber crime inv…
…
continue reading
1
Maria Cirino: Meet the VC's
1:07:57
1:07:57
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:07:57
2007 held numerous watershed events for the security industry. Innovation is needed and the money is there. Come to this session and meet the VCs actively investing in security, web, and mobile applications. Learn how VCs see the future, what they are looking for, and how best to utilize them to further your innovations. This session will conclude …
…
continue reading
1
Robert W Clark: Computer and Internet Security Law - A Year in Review 2006 - 2007
1:01:09
1:01:09
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:01:09
This presentation reviews the important prosecutions, precedents and legal opinions of the last year that affect internet and computer security. We will discuss the differences between legal decisions from criminal cases and civil lawsuits and what that means to the security professional. Additionally, we look at topics such as: email retention and…
…
continue reading
1
David Coffey & John Viega: Building an Effective Application Security Practice on a Shoestring Budget
1:07:57
1:07:57
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:07:57
Software companies inevitably produce insecure code. In 2006 alone, CERT has recognized over 8,000 published vulnerabilities in applications. Attackers were previously occupied by the weaker operating systems and have moved on to easier targets: applications. What makes this situation worse, is the weaponization of these exploits and the business d…
…
continue reading
1
Job De Haas: Side Channel Attacks (DPA) and Countermeasures for Embedded Systems
1:19:23
1:19:23
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:19:23
For 10 years Side Channel Analysis and its related attacks have been the primary focus in the field of smart cards. These cryptographic devices are built with the primary objective to resist tampering and guard secrets. Embedded systems in general have a much lower security profile. This talk explores the use and impact of Side Channel Analysis on …
…
continue reading
1
Jared DeMott, Dr. Richard Enbody & Dr. Bill Punch: Revolutionizing the Field of Grey-box Attack Surface Testing with Evolutionary Fuzzing
40:05
40:05
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
40:05
Runtime code coverage analysis is feasible and useful when application source code is not available. An evolutionary test tool receiving such statistics can use that information as fitness for pools of sessions to actively learn the interface protocol. We call this activity grey-box fuzzing. We intend to show that, when applicable, grey-box fuzzing…
…
continue reading
As VoIP products and services increase in popularity and as the "convergence" buzzword is used as the major selling point, it's time that the impact of such convergence and other VoIP security issues underwent a thorough security review. This presentation will discuss the current issues in VoIP security, explain why the current focus is slightly wr…
…
continue reading
1
Rohit Dhamankar & Rob King: PISA: Protocol Identification via Statistical Analysis
39:52
39:52
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
39:52
A growing number of proprietary protocols are using end-to-end encryption to avoid being detected via network-based systems performing Intrusion Detection/Prevention and Application Rate Shaping. Attackers frequently use well known ports that are open through most firewalls to tunnel commands for controlling zombie systems. This presentation shows …
…
continue reading
Tor project, an anonymous communication system for the Internet that has been funded by both the US Navy and the Electronic Frontier Foundation.Oleh feedback@blackhat.com (Black Hat RSS Feed)
…
continue reading
1
Mark Dowd, John Mcdonald & Neel Mehta: Breaking C++ Applications
1:15:15
1:15:15
Main Kemudian
Main Kemudian
Senarai
Suka
Disukai
1:15:15
This presentation addresses the stated problem by focusing specifically on C++-based security, and outlines types of vulnerabilities that can exist in C++ applications. It will examine not only the base language, but also covers APIs and auxillary functionality provided by common platforms, primarily the contemporary Windows OSs. The topics that wi…
…
continue reading