Rootkits. Zero-day exploits. Social engineering. Encryption cracking. Cryptography. File format fuzzing. Kernel exploitation. These are just some of the buzzwords making the rounds at the Black Hat USA 2005 security conference here, where some of the sharpest minds in the research community will congregate to share information on computer and Internet security threats.

The powwow, organized by Black Hat Inc., promises 60 new security research presentations, 13 hacking tools, 15 new exploits, the first-ever example of exploit shellcode in Cisco IOS, and numerous debates on privacy, defense mechanisms and industry trends.

When the briefings start on Wednesday, all eyes—and ears—will be on David Litchfield's presentation on new zero-day vulnerabilities. Litchfield, a founder of Next Generation Security Software Ltd., is best known for his work on finding gaping security holes in Oracle Corp. database products, and his discussion is expected to shine the spotlight on a new range of unpatched vulnerabilities in several Internet-facing applications.

At last year's Black Hat, it was Litchfield who blew the lid off Oracle's tardiness in patching highly critical Oracle database flaws. His research work prompted widespread criticism of Oracle's response to known vulnerabilities and forced the company to implement a quarterly patching schedule.

The link for this article located at eWeek is no longer available.