Black Hat Las Vegas 2007: Special news coverage

SearchSecurity.com covers all the controversy at this year's show with news, features, podcasts, interviews, exploits and more direct from Las Vegas.



FEATURES

Black Hat 2007 preview: Blue Pill under scrutiny
Among the highlights at the year's most anticipated hacker event, vulnerability researchers will challenge Joanna Rutkowska's Blue Pill concept. They'll also pick apart flaws in VoIP, NAC and Web applications.

Black Hat 2007: Lessons of the Estonian attacks
Beyond Security's Gadi Evron talks about what IT professionals can learn from recent coordinated cyberattacks against the Baltic nation of Estonia.

Black Hat 2007: More on the dangers of Ajax
SPI Dynamics researcher Billy Hoffman previews his Black Hat presentations on Ajax dangers and explains why he's feeling good about HP's acquisition of the company.

PODCASTS

Security Wire Weekly, Black Hat Special Edition
Security researchers Brian Chess and Jacob West of Fortify Software discuss penetration testing, secure software development and their latest book. Also, a researcher warns that attackers could threaten Vista users by exploiting Teredo, an IPv6 tunneling tool enabled by default in the latest Windows OS.

Security Wire Weekly, Black Hat Special Edition for Aug. 2, 2007
In this special Black Hat edition of Security Wire Weekly, PGP creator Phil Zimmermann and Peter Thermos of Palindrome Technologies unveil tools to improve VoIP security.

Security Wire Weekly special: Security expert calls Web services research lacking
Black Hat 2007 presenter Brad Hill, a principal security consultant with Information Security Partners, said little research is being done to test Web services security. Many holes are going unnoticed, he said.

Security Wire Weekly Special: Black Hat Briefings 2007 preview – Gadi Evron
Beyond Security's Gadi Evron talks about what IT professionals can learn from recent coordinated cyberattacks against the Baltic nation of Estonia.

Security Wire Weekly Special: Black Hat Briefings 2007 preview - Billy Hoffman
Senior News Writer Bill Brenner interviews Billy Hoffman, a researcher with SPI Dynamics, about Ajax application threats and previews Hoffman's Black Hat presentation.

TOP STORIES
 

Black Hat 2007: Mozilla to extend security in major Firefox update
The next version of Firefox will include new anti-phishing and anti-malware capabilities. Mozilla also plans to release a pair of fuzzing tools to detect Java, FTP and HTTP flaws.

Black Hat 2007: Security holes revealed in forensics software
Researchers from iSEC Partners tell the Black Hat 2007 audience that the industry's leading forensics software is susceptible to attack.

Black Hat 2007: Estonian attacks were a cyber riot, not warfare
Researcher Gadi Evron says recent DoS attacks against Estonia weren't government-sponsored warfare, but the U.S. and other large countries could learn from Estonia's successful response.

Black Hat 2007: For financial firms, availability too often trumps security
Researchers say startling weaknesses in key protocols such as FIX and an addiction to availability have left the financial services industry in need of a security wake-up call.

Black Hat 2007: Vista users urged to beware of IPv6
A researcher warns that attackers could make trouble for Vista users by exploiting Teredo, an IPv6 tunneling tool enabled by default in the latest Windows OS.

Black Hat 2007: Researchers demonstrate webmail, social networking flaws
Researchers at Errata Security warn that users of popular social networking Web sites and Web-based email services such as Google's Gmail are at risk of having their sessions hijacked.

Black Hat 2007: Rootkit hunters caught in cat-and-mouse game
Is Joanna Rutkowska's infamous Blue Pill rootkit really undetectable? Researchers at Black Hat USA explain how to find it, but there's a catch: their method may not always work.

Black Hat 2007: New database forensics tool could aid data breach cases
Database security researcher David Litchfield of UK-based NGS Software will release a free Forensic Examiners Database Scalpel, which he says could aid data breach investigations.

Black Hat 2007: NSA official stumps for information sharing
In a rare public address, an NSA official told Black Hat attendees that information sharing is the key to better information security, both for the government and for enterprises.

Black Hat 2007: VoIP security reaches tipping point
VoIP security is as bad today as it was a couple years ago, industry experts say. But PGP creator Phil Zimmermann thinks his new Zfone software will help turn the tide.

Black Hat 2007: Researchers highlight new database attack method
At this week's hacker confab, expert penetration testers will demonstrate how cyberthieves can reach into corporate databases -- without exploiting a specific software flaw -- to steal credit card and Social Security numbers.

Researchers expose Ajax programming dangers
Two security engineers from SPI Dynamics comb resources on the Net to build an Ajax application from scratch; the final product is rife with problems.

New hacking technique exploits common programming error
Researchers at Watchfire say they discovered a new technique that exploits a common dangling pointer error.








