The Black Page is always looking for interesting comments from researchers and experts about issues that affect the security community. Contact us here to learn more about submission rules.
2009
During my presentation at this year's Black Hat DC conference, I promised to show in the demo my attack applied to Safari. Unfortunately I forgot to patch a small bug in the code and wasn't able to show that part of the demo. This blog post serves three key reasons:
To explain the problem that was encountered during the demo...
2007
At Black Hat Training, we take pride in the quality of instruction we make available. We know that there are plenty of shows available in the field of information security, and we believe that the loyalty shown by our delegates is based in large part on the timely, technical and relevant training that we offer...
Thomas Dullien, known in security circles as Halvar Flake, was scheduled to conduct a training class and a briefing at this year's Black Hat USA. Both were highly anticipated, both because Halvar is one of the foremost reverse engineers in the world and because he's been a popular speaker at the conference for the past seven years...
Until early this week, security experts Nitin and Vipin Kumar of NV Labs were scheduled to present a briefing entitled "TPMkit: Breaking the Legend of Trusted Computing (TC [TPM]) and Vista (BitLocker)". This talk was removed from the schedule at the request of the presenters. The topic generated a great deal of interest, and its removal from the schedule without comment has generated some confusion and controversy...
Have you ever noticed that nearly all discussions regarding finding vulnerabilities or secure programming for C/C++ focus almost exclusively on C? The reasoning for this is most likely that the authors want to capture behavior that affects both of the languages, thus providing knowledge applicable to more developers/auditors and can be applied to more projects. This has resulted in an in-depth knowledge base of C-based issues that most security professionals know and an ever-increasing number of developers are aware of...
It is that time again: Black Hat in the hot LV summer. It always comes sooner than I expect. We have been working like mad to get the schedule together, which is basically done. One of the underlying themes this year is timing. I don't pick these things; it is really a reflection of the direction of research in our community. Another theme is nuance...
2006
I am so relieved. It has finally happened: the forensic field is transitioning from techniques that satisfy the needs of law enforcement to techniques that satisfy the needs of everyone else...
In 2000, a co-worker brought an early Cisco VoIP phone into my office. He was tasked with doing a security review prior to a potential deployment in the company. His summation after five minutes with the docs: “It uses bootp and tftp to retrieve its operating image and unencrypted UDP to carry the audio stream...
First, some context. I've been in security for 20 years and started my career as a kernel programmer. However, at Gartner, my job is to serve large enterprise clients (revenue $1B and up). It's fun to play both sides with technical knowledge and the big, strategic business context, but let me be up front about one thing: I gave up my hands-on technical skills long ago and now I talk for a living...
Since we published the PAID paper in 2004, people have asked whether the same approach could be extended to the Windows® platform where only application binaries are available. Originally, we thought it was just a matter of applying a state-of-the-art disassembler such as IDA Pro to a Windows binary to obtain its intermediate form, and then using the original PAID compiler to derive its sandboxing policy...
I’ve always been fascinated by hardware. We live in a world that revolves around being “connected”. From automobiles to home appliances, there is no shortage of Internet-connected devices. Has anyone ever thought about the possible mayhem that could ensue with a remote “oven overflow”?
There is growing emphasis on reverse engineering in the security community. There is also an increasing interest in hardware hacking. As more people gain understanding of the art and techniques of these disciplines, they are collectively revealing soft spots in the security of what were previously opaque systems. From closed-sourced, proprietary software to peripheral devices, we are finally seeing in-depth, third-party security reviews...
Simson Garfinkel has purchased 500 hard drives on eBay and analyzed them to learn interesting things about their previous owners. He gave a presentation of his tools and techniques. Amazing...
Historically, only file systems were considered as storage where evidence could be found. But what about the volatile memory that contains a huge amount of useful information? Why not dump the content of the memory during data collection from a suspicious computer? How do you analyze the physical memory? Is it possible? I will try to find the answer...
We have recently been on a new shellcode kick, but this time it's not about making them smaller. We're currently working on building very powerful new post-exploitation shellcode and toolkits, and a very powerful unified API to expose their functionality...
Jose Nazario, editor of wormblog.com, has this to say about my Nematode research: “What is interesting out of Dave's talk is the nematode generation tools he wrote. They work well, and they get around the problem of a lot of boilerplate code that has to be written for any worm. This is potentially a scary development, as more sophisticated attackers will begin improving their worms with these kinds of tools and dropping in exploits in a matter of minutes...
2005