<<< Date Index >>>     <<< Thread Index >>>

Blackhat USA 2006 - Review , remarks and proposal agenda



the Blackhat agenda for USA 2006 session had just been published : URL <http://www.blackhat.com/html/bh-usa-06/bh-usa-06-schedule.html>

The first remark is that this year, Blackhat USA, will be an incredible briefing !

There will be several Zero day announcements. For example: Brendan O'Connor with his talk called "Vulnerabilities in Not-So Embedded Systems" will focus on vulnerabilities, exploitation, and defence of the new Xerox WorkCentre product line. Previously undisclosed vulnerabilities will be released, along with exploit code that turns a dumb printer, copier, or scanner into a network attack drone.

Some new trend or subject will be also presented: for example, Doug Mohney will talk about Defending against Social Engineering with Voice Analytics and Jay Schulman will present a new way of Phishing with Asterisk PBX.

We notice also an interesting talk about "Bypassing Network Access Control (NAC) Systems".

As usual there are several "deep knowledge" promising sessions such as Fuzzing Selected Win32 Interprocess Communication Mechanisms from Jesse Burns , Attacking Internationalized Software from Scott Stender or again others "deep knowledege" subject that will become a prominent concern for security people : 2 talks are dedicated to SAN (in)security (I’m Going To Shoot The Next Person Who Says VLANs and Attacking Apple’s Xsan) and another is dealing with Device Drivers given by Jon Ellch and David Maynor.

ORACLE Databases seems to be again a good subject for speakers this year. So we can think that Oracle is more and more Breakable :-)... Attendees will learn How to Unwrap Oracle PL/SQL with Pete Finnigan or how to implement 2nd generation of Rootiks into ORACLE with Alexander Kornbrust.

We notice also some new ideas like using hardware device to improve crackers efficiency. You will see that with David Hulton and Dan Moniz on their talk called Hardware Hacks and Cracks with FPGAs. Another new idea is concerning rootkit: See the Hardware Virtualization-Based Rootkits from Dino Dai Zovi. We don't know exactly what Dan Kaminsky will talk about SSL but this amazing security speaker always found things with great impact? And this year in "The Worldwide SSL Analysis", he will disclose a major flaw in the way many, many SSL devices operate. He will discuss how widespread this flaw is, as well as announce results from this worldwide SSL scan (that 's carried us :-)


Of course Blackhat will come with the release a lot of new tools. Some are already available in beta like the web application scanner Oedipus (URL <http://oedipus.rubyforge.org/>). Others tools will be a support of several sessions: - MatriXay that will be presented in session "When Web App & Database Security Pen-Test/Audit Is a Joy" from Yuan Fan. - Sensepost will, as usual, presented another innovative proxy tools dedicated to pen tester in session "A Tale of Two Proxies". - An AJAX-based XSRF attack framework will be release in the Breaking AJAX Web Applications sessions given by Alex Stamos and
Zane Lacke
- LEVI is a new vulnerability auditing tool (Windows NT Family) which addresses both of these issues by using a code integration-based technique to monitor both imported and inlined functions will be presented in session "Code Integration-Based Vulnerability Auditing" given by William B Kimball - PDB, The Protocol DeBugger from Jeremy Rauch (A tool chain geared around dissecting protocols like a code debugger slices through code. A protocol generation and manipulation framework with a clean, consistent interface, thats scripted instead of compiled. And a fuzzing framework to go along with it. - To finish with this long list of tools, take a look at Punk Ode that will be presented in "Hiding Shellcode in Plain Sight" session from Michael Sutton and Greg MacManus.



We would like to highlith that there is a lot of session given by Microsoft employees (See the VISTA track!). 7 sessions are concerned. We wonder if they can be neutral in their talk...But let them their chance to be honest security people :-)...And any way , VISTA security will have so much impact on our security so we must learn about it as soon as possible. Please welcome Microsoft employees and we will see the result...

In conclusion, Blackah USA Briefing will be a MUST this year. If you have the opportunity to be an attendee, don't hesitate! Security-briefings team propose to you the following agenda (For one person):

Day 1 :
10:00 - 11:00 -> Black Ops 2006 - Dan Kaminsky
11:15 - 12:30 -> How to Unwrap Oracle PL/SQL - Pete Finnigan
13:45 - 15:00 -> Sidewinder: An Evolutionary Guidance System
for Malicious Input Crafting - Shawn Embleton, Sherri Sparks & Ryan Cunningham
15:15 - 16:30 -> PDB: The Protocol DeBugger - Jeremy Rauch
16:45 - 18:00 -> Punk Ode: Hiding Shellcode In Plain Sight - Michael Sutton & Greg McManus

Day 2 :
09:00 - 09:50 -> RFID Malware Demystified - Melanie Rieback
10:00 - 11:00 -> Hacking Intranet Websites from the Outside
"JavaScript malware just got a lot more dangerous"- Jeremiah Grossman & TC Niedzialkowski
11:15 - 12:30 -> AJAX (in)security - Billy Hoffman
13:45 - 15:00 -> WiFi in Windows Vista: A Peek Inside the Kimono - Noel Anderson 15:15 - 16:30 -> Vulnerabilities in Not-So Embedded Systems - Brendan O'Connor 16:45 - 18:00 -> Faster Pwning Assured: Hardware Hacks and Cracks with FPGAs- David Hulton

It's just a proposition and the most problem with this USA briefings is that if your company want to take maximum benefices from this conference, it will need to send 2 or 3 employees to follow all interesting sessions ... that the only drawback of Blackhat : Too much interesting subjects for one attendee :-)

Regards -
Comments are well come on http:www.security-briefings.com


---------------------------------------------------------------------
To unsubscribe, e-mail: list-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: list-help@xxxxxxxxxxxxxxxxxxxxxx