Black Hat USA - Security Intelligence

article

Hungry Hippos Meet Interactive Cyber Management at Black Hat USA 2016

A unique, interactive game at this year's Black Hat USA event will test players' ability to stay calm in a crisis, a key skill to have during a cyberattack

July 31, 2016 | By Aidan Knowles

article

CVE-2016-0117 is in WinRT PDF's PostScript interpreter for Type 4 (PostScript Calculator) functions. These functions use a subset of the PostScript language operators, which use the PostScript operand stack when performing their functions.

article

Read From PDF, Write to Edge’s Memory (CVE-2016-0117)

CVE-2016-0117 can be exploited to perform an arbitrary write to Edge's content process memory, a critical element for remote code execution.

July 29, 2016 | By Mark Yason

article

While there are operating systems capable of handling an Internet of Things device, it's simply not enough. The IoT is not just about the device; it's also about the service ecosystem that provides most of the value and functionality to the users.

article

Exploring Operating Systems for the Internet of Things

As the Internet of Things becomes more prevalent, the demand for the technologies needed to manage and secure devices becomes greater.

July 27, 2016 | By Paul Sabanal

article

A security researcher recently discovered a new Microsoft Windows bug that has been dubbed BadTunnel. This workaround could allow cybercriminals to route a victim's web traffic through their own systems, allowing them to steal information.

article

BadTunnel: Bad News?

The recently discovered BadTunnel could mean bad news for Microsoft Windows users — that is, unless they move to patch their systems immediately.

July 5, 2016 | By Bryan Ivey

article

In-Person Event

Black Hat – built by and for the global InfoSec community – returns to Las Vegas for its 19th year. The 6-day event begins with four days (July 30 – August 2) of intense trainings for security practitioners of all levels, followed...

July 30, 2016 — August 4, 2016

Mandalay Bay Hotel, Las Vegas, NV

In-Person Event

Check out a list of the top security conferences slated for 2016 to learn more about what cybersecurity pros are looking forward to this year. Each event has its own advantages and offers opportunities for learning and networking.

article

The Pick of 2016 Security Conferences

There are dozens of exciting security conferences taking place across the world in 2016. Check out our top picks for the best bets of the year.

January 18, 2016 | By Fran Howarth

article

Password access managers can be tremendously helpful when it comes to keeping track of login credentials, especially for large organizations. But they must be used correctly in order to defend against savvy cybercriminals who prey on weak security.

article

Why You Should Consider Using Privileged Password Access Managers

Password access managers may be the most viable solution to the lack of security surrounding login credentials — if they are used effectively.

December 22, 2015 | By David Strom

article

Many of the talks at Black Hat and its related security conferences focused on the legal side of cybersecurity. While this may not be a comfortable topic for many security professionals or their companies, it is something that needs to be addressed.

article

The Five Most Interesting Talks at Black Hat, DEF CON and BSides

This year's lineup of talks at the Black Hat, DEF CON and BSides conferences was particularly interesting. Here are five of the hottest topics from Vegas.

August 19, 2015 | By Martin McKeay

article

Cybercriminals are getting better at carrying out zero-day exploits. They are identifying vulnerabilities and planning attacks more quickly than ever before, thanks in large part to a hack that leaked potential exploits earlier this summer.

news

Zero-Day Research: Time From Discovery to Exploit Shrinks to Four Days

New research presented at the Black Hat security conference showed that cybercriminals are getting faster at exploiting zero-day vulnerabilities.

August 6, 2015 | By Shane Schick

news

Researchers have recently created a tool that can be used to reduce an application attack surface by getting rid of functions that aren't used by the program in question. It does this by learning from the application's typical functions.

article

Reducing the Application Attack Surface: Breaking Payloads With Runtime Code Stripping and Image Freezing

Collaborative research has recently devised a means to reduce a Windows application's attack surface by removing unused functions from libraries that are loaded dynamically.

August 6, 2015 | By Chris Poulin

article

Tag: Black Hat USA