Black Hat USA - Security Intelligence

Moving a task on the sprint plan during daily scrum.

news

GitPwnd Shows How Threat Actors Could Hijack Git Repositories in Software Development

Researchers have created a tool that uses Git repositories to demonstrate how Agile and other software development approaches could have security issues.

August 7, 2017 | By Shane Schick

news

news

Nuclear Power Plants at Risk Due to Radiation Monitoring Flaws

Researchers discovered unpatched vulnerabilities in radiation monitoring devices (RMDs) that attackers could leverage to breach nuclear power plants.

July 31, 2017 | By Mark Samuels

news

article

IBM X-Force Red Turns 1, Expands Into Auto and IoT Practice Areas

Today IBM X-Force Red launches a collaboration with the Watson IoT Platform to help ensure that all IoT solutions get our special brand of hacker love.

July 24, 2017 | By Charles Henderson

article

article

Getting the Most Out of Black Hat

The Black Hat conference offers a chance to network and glean insights from experts that can change the way you think about security.

July 21, 2017 | By Martin McKeay

article

Attending a security conference is about more than going to sessions and soaking up research. The real value of these experiences often stems from the so-called "Hallway Track," which focuses on the socialization and networking professionals can do.

In-Person Event

Black Hat USA 2017

Now in its 20th year, Black Hat is the world’s leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2017 kicks off with four days of technical Trainings (July 22-25)...

July 22, 2017 — July 27, 2017

Mandalay Bay, Las Vegas, NV

In-Person Event

Security leaders, researchers, engineers, developers, analysts, operational business leaders and technology enthusiasts all stand to benefit from the myriad security conferences being held throughout the U.S. and the world in 2017.

article

Security Conferences Abound: Which Should You Attend?

Security leaders, professionals and operational business leaders all stand to benefit from the myriad security conferences being held in 2017.

August 26, 2016 | By Christopher Burgess

article

HEIST builds on the shoulders of previous attacks that used cryptographic schemes to advance their aims. The developers claim that HEIST can make an educated guess as to the plaintext contained in an encrypted message from the length of the message.

news

HEIST Uses a Cryptographic Scheme to Steal Data

Cybercriminals developed HEIST, or "HTTP Encrypted Information can be Stolen Through TCP-Windows," to steal data using a cryptographic scheme.

August 8, 2016 | By Larry Loeb

news

The flaws discovered in the Black Hat app could have enabled trolls to enter nonsense email address details, and create fake profiles with bogus photos and corporate details of their choice. As a result of this disclosure, the app was pulled.

news

Flaws Found: Social Side of Black Hat App Goes Dark

The official 2016 Black Hat app contained a number of serious social flaws, which organizers disabled before the app went live.

August 2, 2016 | By Douglas Bonderud

news

article

Hungry Hippos Meet Interactive Cyber Management at Black Hat USA 2016

A unique, interactive game at this year's Black Hat USA event will test players' ability to stay calm in a crisis, a key skill to have during a cyberattack

July 31, 2016 | By Aidan Knowles

article

CVE-2016-0117 is in WinRT PDF's PostScript interpreter for Type 4 (PostScript Calculator) functions. These functions use a subset of the PostScript language operators, which use the PostScript operand stack when performing their functions.

article

Read From PDF, Write to Edge’s Memory (CVE-2016-0117)

CVE-2016-0117 can be exploited to perform an arbitrary write to Edge's content process memory, a critical element for remote code execution.

July 29, 2016 | By Mark Yason

article

Tag: Black Hat USA