Blackhat USA 2006 - Review , remarks and proposal agenda
the Blackhat agenda for USA 2006 session had just been published : URL
<http://www.blackhat.com/html/bh-usa-06/bh-usa-06-schedule.html>
The first remark is that this year, Blackhat USA, will be an incredible
briefing !
There will be several Zero day announcements. For example: Brendan
O'Connor with his talk called "Vulnerabilities in Not-So Embedded
Systems" will focus on vulnerabilities, exploitation, and defence of the
new Xerox WorkCentre product line. Previously undisclosed
vulnerabilities will be released, along with exploit code that turns a
dumb printer, copier, or scanner into a network attack drone.
Some new trend or subject will be also presented: for example, Doug
Mohney will talk about Defending against Social Engineering with Voice
Analytics and Jay Schulman will present a new way of Phishing with
Asterisk PBX.
We notice also an interesting talk about "Bypassing Network Access
Control (NAC) Systems".
As usual there are several "deep knowledge" promising sessions such as
Fuzzing Selected Win32 Interprocess Communication Mechanisms from Jesse
Burns , Attacking Internationalized Software from Scott Stender or again
others "deep knowledege" subject that will become a prominent concern
for security people : 2 talks are dedicated to SAN (in)security (I’m
Going To Shoot The Next Person Who Says VLANs and Attacking Apple’s
Xsan) and another is dealing with Device Drivers given by Jon Ellch and
David Maynor.
ORACLE Databases seems to be again a good subject for speakers this
year. So we can think that Oracle is more and more Breakable :-)...
Attendees will learn How to Unwrap Oracle PL/SQL with Pete Finnigan or
how to implement 2nd generation of Rootiks into ORACLE with Alexander
Kornbrust.
We notice also some new ideas like using hardware device to improve
crackers efficiency. You will see that with David Hulton and Dan Moniz
on their talk called Hardware Hacks and Cracks with FPGAs. Another new
idea is concerning rootkit: See the Hardware Virtualization-Based
Rootkits from Dino Dai Zovi. We don't know exactly what Dan Kaminsky
will talk about SSL but this amazing security speaker always found
things with great impact? And this year in "The Worldwide SSL Analysis",
he will disclose a major flaw in the way many, many SSL devices operate.
He will discuss how widespread this flaw is, as well as announce results
from this worldwide SSL scan (that 's carried us :-)
Of course Blackhat will come with the release a lot of new tools. Some
are already available in beta like the web application scanner Oedipus
(URL <http://oedipus.rubyforge.org/>). Others tools will be a support of
several sessions:
- MatriXay that will be presented in session "When Web App & Database
Security Pen-Test/Audit Is a Joy" from Yuan Fan.
- Sensepost will, as usual, presented another innovative proxy tools
dedicated to pen tester in session "A Tale of Two Proxies".
- An AJAX-based XSRF attack framework will be release in the Breaking
AJAX Web Applications sessions given by Alex Stamos and
Zane Lacke
- LEVI is a new vulnerability auditing tool (Windows NT Family) which
addresses both of these issues by using a code integration-based
technique to monitor both imported and inlined functions will be
presented in session "Code Integration-Based Vulnerability Auditing"
given by William B Kimball
- PDB, The Protocol DeBugger from Jeremy Rauch (A tool chain geared
around dissecting protocols like a code debugger slices through code. A
protocol generation and manipulation framework with a clean, consistent
interface, thats scripted instead of compiled. And a fuzzing framework
to go along with it.
- To finish with this long list of tools, take a look at Punk Ode that
will be presented in "Hiding Shellcode in Plain Sight" session from
Michael Sutton and Greg MacManus.
We would like to highlith that there is a lot of session given by
Microsoft employees (See the VISTA track!). 7 sessions are concerned. We
wonder if they can be neutral in their talk...But let them their chance
to be honest security people :-)...And any way , VISTA security will
have so much impact on our security so we must learn about it as soon as
possible. Please welcome Microsoft employees and we will see the result...
In conclusion, Blackah USA Briefing will be a MUST this year. If you
have the opportunity to be an attendee, don't hesitate!
Security-briefings team propose to you the following agenda (For one
person):
Day 1 :
10:00 - 11:00 -> Black Ops 2006 - Dan Kaminsky
11:15 - 12:30 -> How to Unwrap Oracle PL/SQL - Pete Finnigan
13:45 - 15:00 -> Sidewinder: An Evolutionary Guidance System
for Malicious Input Crafting - Shawn Embleton, Sherri Sparks & Ryan
Cunningham
15:15 - 16:30 -> PDB: The Protocol DeBugger - Jeremy Rauch
16:45 - 18:00 -> Punk Ode: Hiding Shellcode In Plain Sight - Michael
Sutton & Greg McManus
Day 2 :
09:00 - 09:50 -> RFID Malware Demystified - Melanie Rieback
10:00 - 11:00 -> Hacking Intranet Websites from the Outside
"JavaScript malware just got a lot more dangerous"- Jeremiah Grossman &
TC Niedzialkowski
11:15 - 12:30 -> AJAX (in)security - Billy Hoffman
13:45 - 15:00 -> WiFi in Windows Vista: A Peek Inside the Kimono - Noel
Anderson
15:15 - 16:30 -> Vulnerabilities in Not-So Embedded Systems - Brendan
O'Connor
16:45 - 18:00 -> Faster Pwning Assured: Hardware Hacks and Cracks with
FPGAs- David Hulton
It's just a proposition and the most problem with this USA briefings is
that if your company want to take maximum benefices from this
conference, it will need to send 2 or 3 employees to follow all
interesting sessions ... that the only drawback of Blackhat : Too much
interesting subjects for one attendee :-)
Regards -
Comments are well come on http:www.security-briefings.com
---------------------------------------------------------------------
To unsubscribe, e-mail: list-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: list-help@xxxxxxxxxxxxxxxxxxxxxx