Black Hat 2007: Mozilla to extend security in major Firefox update The next version of Firefox will include new anti-phishing and anti-malware capabilities. Mozilla also plans to release a pair of fuzzing tools to detect Java, FTP and HTTP flaws.
Black Hat 2007: Security holes revealed in forensics software Researchers from iSEC Partners tell the Black Hat 2007 audience that the industry's leading forensics software is susceptible to attack.
Black Hat 2007: Estonian attacks were a cyber riot, not warfare Researcher Gadi Evron says recent DoS attacks against Estonia weren't government-sponsored warfare, but the U.S. and other large countries could learn from Estonia's successful response.
Black Hat 2007: For financial firms, availability too often trumps security Researchers say startling weaknesses in key protocols such as FIX and an addiction to availability have left the financial services industry in need of a security wake-up call.
Black Hat 2007: Vista users urged to beware of IPv6 A researcher warns that attackers could make trouble for Vista users by exploiting Teredo, an IPv6 tunneling tool enabled by default in the latest Windows OS.
Black Hat 2007: Researchers demonstrate webmail, social networking flaws Researchers at Errata Security warn that users of popular social networking Web sites and Web-based email services such as Google's Gmail are at risk of having their sessions hijacked.
Black Hat 2007: Rootkit hunters caught in cat-and-mouse game Is Joanna Rutkowska's infamous Blue Pill rootkit really undetectable? Researchers at Black Hat USA explain how to find it, but there's a catch: their method may not always work.
Black Hat 2007: New database forensics tool could aid data breach cases Database security researcher David Litchfield of UK-based NGS Software will release a free Forensic Examiners Database Scalpel, which he says could aid data breach investigations.
Black Hat 2007: NSA official stumps for information sharing In a rare public address, an NSA official told Black Hat attendees that information sharing is the key to better information security, both for the government and for enterprises.
Black Hat 2007: VoIP security reaches tipping point VoIP security is as bad today as it was a couple years ago, industry experts say. But PGP creator Phil Zimmermann thinks his new Zfone software will help turn the tide.
Black Hat 2007: Researchers highlight new database attack method At this week's hacker confab, expert penetration testers will demonstrate how cyberthieves can reach into corporate databases -- without exploiting a specific software flaw -- to steal credit card and Social Security numbers.
Researchers expose Ajax programming dangers Two security engineers from SPI Dynamics comb resources on the Net to build an Ajax application from scratch; the final product is rife with problems.
New hacking technique exploits common programming error Researchers at Watchfire say they discovered a new technique that exploits a common dangling pointer error.