Organizations/Events - Page 16

Black Hat DC: Researchers To Release Web Development Platform Hacking Tool

A technique used in Web application development platforms that provides a constant look-and-feel across multiple Web pages can potentially expose sensitive user data, such as credit-card numbers, according to researchers, who at next week's Black Hat DC will demonstrate a new class of vulnerabilities in Apache MyFaces, Sun Mojarra, and Microsoft ASP.NET. They will also release a tool that tests for the flaws.

Why There is no Kernel Hacker Sell-Out

As you may have noticed, posting to this blog was light last week, as in non-existent (OK, so you didn't notice.) This was because I was engaged in some serious geeking-out at the LCA2010 conference. One of the talks that I saw came from Jon Corbet, who gave a run-down on recent changes to the Linux kernel. A statistic that he mentioned along the way has garnered much comment: the fact that "75% of the code comes from people paid to do it.

Nmap: Network Tool turned Movie Star

Very rarely do movies put a real computer application to do a real thing; even more rarely do they actually use it correctly. But Nmap, here, seems to be the hot favourite; be it CIA or NSA or a hot good-guy

60 years of achievements to be celebrated at Sandia National Labs mid-December

In terms of cyber security research findings, Sandia has made a significant achievement in successfully demonstrating for the first time the ability to run more than a million Linux kernels as virtual machines. A kernel is the central component of most computer operating systems. The achievement will allow cyber security researchers to more effectively observe behavior found in malicious botnets, or networks of infected machines that can operate on the scale of a million nodes.

The Malware Oscars Part 2

In part two of this three-part [video] series, Team Cymru members discuss more of the most successful and innovative malware attacks of 2009.

Hack In The Box security show heads to Europe

The organisers of the Hack In The Box security conferences in Malaysia are planning their first European show for Amsterdam next July. Hack In The Box (HITB) held its first security conference, or hacker convention, in Kuala Lumpur in 2003, one of the first major shows of its kind in Asia.

NIST Drafts Cybersecurity Guidance

Draft guidance from the National Institute of Standards and Technology, issued last week, pushes government agencies to adopt a comprehensive, continuous approach to cybersecurity, tackling criticism that federal cybersecurity regulations have placed too much weight on periodic compliance audits.

US-CERT moves in with NCC, NCSC

The group responsible for coordinating U.S. responses to cyber threats is getting new digs. Department of Homeland Security (DHS) Secretary Janet Napolitano will cut the ribbon Friday at a new "unified operations center" in Arlington, Virginia, that will be home to the U.S. Computer Emergency Readiness Team (US-CERT).

SC World Congress: An assessment of defense tools

Security is compromised every day, whether the result of a bad password or someone from inside the company or from outside getting into the network to steal data. These words of warning came from Adam Meyers, principal of the information assurance division at SRA International, maker of technology tools and services. Meyers spoke last Tuesday at the SC World Congress in New York.

apache.org downtime - initial report

This is a short overview of what happened on Friday August 28 2009 to the apache.org services. A more detailed post will come at a later time after we complete the audit of all machines involved. On August 27th, starting at about 18:00 UTC an account used for automated backups for the ApacheCon website hosted on a 3rd party hosting provider was used to upload files to minotaur.apache.org. The account was accessed using SSH key authentication from this host.

Hanging with hackers can make you paranoid

When I first went to Defcon in 1995, the halls were mobbed with teenagers and attendees seemed more concerned with freeing Kevin Mitnick and seeing strippers than hacking each other's computers. Jump forward to Defcon 17 this year, which was held over the weekend in Las Vegas, and things certainly have changed. The attendees are older and wiser and employed, most of the feds aren't in stealth mode, and even the most savvy of hackers is justifiably paranoid.

Hacking the Defcon badges

Most badges from conferences and trade shows end up in the trash. Not so the badges from the Defcon security show, which are stylized, mysterious, and highly customized electronics equipment designed to be hacked.

Crackers publish hackers' private data

On the eve of the Black Hat security conference, crackers published a comprehensive text document in the underground magazine Zero for Owned (ZF0), containing masses of emails, chat records, passwords and other private information belonging to famous members of the security industry. Evidently they captured the data by breaching the web servers of Kevin Mitnick, Dan Kaminsky and Julien Tinnes. They boast of having captured 75,000 clear-text passwords this way, most of them from the databases of the forum systems running on the affected servers.

L0pht Makes Comeback (Sorta) With Hacker News Network

The news report begins with shots of a tense space shuttle launch. Engineers hunch over computer banks and techno music pounds in the background. There is a countdown, a lift-off, and then you see a young man in a black T-shirt and sunglasses, apparently reporting from space.

11 Security Companies to Watch

In spite of the headwinds from a stormy economy, these start-up companies are down the runway and taking off with innovative products and services for IT security. On their radar can be found a focus on botnet and malware detection as well as mobile and virtualization security.