Network Security, Vulnerability Management

Black Hat security conference to include 110 talks

When Black Hat's annual security conference rolls into Las Vegas at the end of July, event organizers promise one of the most "content-heavy" installments yet.

Last week, the conference, now in its 16th year, announced some of the planned presentations, most of which are known as "briefings" and which will span 11 tracks. In total, there will be 110 talks.

"Normally Black Hat accepts in the 80-90 range, but they expanded the number this year because there was so much incredible content – it was hard to fit it all in," a Black Hat spokeswoman told SCMagazine.com. "Not all of these talks have been announced on the website yet." 

They range from the deeply technical – "How to Grow a Tree (Taint-Enabled Reverse Engineering Environment) from CBASS (Cross-Platform Binary Automated Symbolic-Execution System) – to ones that surely will garner mainstream attention, like "Mactans: Injecting Malware into iOS Devices via Malicious Chargers."

The briefings also will include at least a session each spreading insight and analysis on some of the security industry's most talked-about challenges, including advanced persistent threats (APTs), Java shortfalls, insider threats and federal cyber attack response.

Meanwhile, mobile will retain a major presence, with talks planned on phone cloning, SIM cad vulnerabilities and the injection of "spying" components into any Android application.

Many of the sessions, such as "The Outer Limits: Hacking the Samsung Smart TV," will chronicle how many of today's devices are web-enabled, thus open to attack. No fewer than four of the talks will center on disrupting physical security systems.

Craig Heffner's presentation will detail how zero-day vulnerabilities can grant attackers full access to commonly deployed network surveillance cameras, such as those made by D-Link and Cisco. Researchers Daniel Crowley, David Bryan and Jennifer Savage will explain how network-attached devices, including door locks and space heaters, can be compromised. Drew Porter and Stephen Smith promise live demonstrations of how they learned to bypass home and office physical security systems. And Behrang Fouladi and Sahand Ghanoun intend to show how wireless communication protocols used by home automation systems, which control things like lighting, HVAC, home theaters and security, are susceptible to attack.

Keynotes are planned from Gen. Keith Alexander, director of the National Security Agency, and Brian Muirhead, chief engineer of the NASA Jet Propulsion Laboratory. There also will be workshops and "turbo talks," 15-minute presentations that don't require a full-length spot.

Black Hat runs from July 27 to Aug. 1, with most of the action falling on the final two days.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.