Black Hat 2007: Mozilla to extend security in
major Firefox update
The next version of Firefox will include new anti-phishing and
anti-malware capabilities. Mozilla also plans to release a pair of
fuzzing tools to detect Java, FTP and HTTP flaws.
Black Hat 2007: Security holes revealed in forensics
software
Researchers from iSEC Partners tell the Black Hat 2007 audience
that the industry's leading forensics software is susceptible to
attack.
Black Hat 2007: Estonian attacks were a cyber riot, not
warfare
Researcher Gadi Evron says recent DoS attacks against Estonia
weren't government-sponsored warfare, but the U.S. and other large
countries could learn from Estonia's successful response.
Black Hat 2007: For financial firms, availability too often trumps
security
Researchers say startling weaknesses in key protocols such as FIX
and an addiction to availability have left the financial services
industry in need of a security wake-up call.
Black Hat 2007: Vista users urged to beware of IPv6
A researcher warns that attackers could make trouble for Vista
users by exploiting Teredo, an IPv6 tunneling tool enabled by
default in the latest Windows OS.
Black Hat 2007: Researchers demonstrate webmail, social networking
flaws
Researchers at Errata Security warn that users of popular social
networking Web sites and Web-based email services such as Google's
Gmail are at risk of having their sessions hijacked.
Black Hat 2007: Rootkit hunters caught in cat-and-mouse
game
Is Joanna Rutkowska's infamous Blue Pill rootkit really
undetectable? Researchers at Black Hat USA explain how to find it,
but there's a catch: their method may not always work.
Black Hat 2007: New database forensics tool could aid data breach
cases
Database security researcher David Litchfield of UK-based NGS
Software will release a free Forensic Examiners Database Scalpel,
which he says could aid data breach investigations.
Black Hat 2007: NSA official stumps for information
sharing
In a rare public address, an NSA official told Black Hat attendees
that information sharing is the key to better information security,
both for the government and for enterprises.
Black Hat 2007: VoIP security reaches tipping point
VoIP security is as bad today as it was a couple years ago,
industry experts say. But PGP creator Phil Zimmermann thinks his
new Zfone software will help turn the tide.
Black Hat 2007: Researchers highlight new database attack
method
At this week's hacker confab, expert penetration testers will
demonstrate how cyberthieves can reach into corporate databases --
without exploiting a specific software flaw -- to steal credit card
and Social Security numbers.
Researchers expose Ajax programming dangers
Two security engineers from SPI Dynamics comb resources on the Net
to build an Ajax application from scratch; the final product is
rife with problems.
New hacking technique exploits common programming error
Researchers at Watchfire say they discovered a new technique that
exploits a common dangling pointer error.