Black Hat //Webcast Series

security research in real time

Black Hat Webcast No. 1

The Forbidden Sneak Peek - Black Hat USA 2008

Thursday, June 26 1:00 pm PST/4:00 pm ET • FREE

Speakers: Jeff Moss, Bruce Potter, Fyodor Vaskovich, Shawn Moyer, Nathan Hamiel, Nathan McFeters, John Heasman, Rob Carter, Steve Reavey, Katie Moussouris, Steve Adegbite




Overview:

Please join Black Hat Founder and Director Jeff Moss and several of this year’s USA speakers for our very first Black Hat Webcast.

We plan for this webcast to be the first in a year-round series of online presentations that allow our speakers to present breaking research between shows and provide the Black Hat community with another stream of fresh, relevant, and usable security knowledge from the speakers and trainers you’ve come to trust.

During this inaugural webcast, Jeff Moss will provide an overview of prevailing security trends and technologies and will be joined by several of the world’s leading security minds who will each provide a brief preview of the topics they will be presenting at the Black Hat Briefings & Trainings in August. Here’s a small glimpse into the future:

Malware Detection Through Flow Analysis

by Bruce Potter

Over the last several years, we've seen a decrease in effectiveness of "classical" security tools. The nature of the present day attacks is very different from what the security community has been used to in the past. Rather than wide-spread worms and viruses that cause general havoc, attackers are directly targeting their victims in order to achieve monetary or military gain. These attacks are blowing right past firewalls and anti-virus and placing malware deep in the enterprise. Ideally, we could fix this problem at its roots; fixing the software that is making us vulnerable. Unfortunately that's going to take a while, and in the interim security engineers and operators need new, advanced tools that allow deeper visibility into systems and networks while being easy and efficient to use.

Bruce Potter

Bruce Potter is the founder of the Shmoo Group which is made up of security, crypto, and privacy professionals. He is also the co-founder and CTO of Ponte Technologies, a company focused on developing and deploying advanced IT defensive technologies. His areas of expertise include wireless security, network analysis, trusted computing, pirate songs, and restoring hopeless vehicles. Mr. Potter has co-authored several books including "802.11 Security" and "Mastering FreeBSD and OpenBSD Security" published by O'Reilly and "Mac OS X Security" by New Riders.

Nmap - Scanning the Internet

by Fyodor Vaskovich

Nmap was built to efficiently scan large networks, but we have lately taken this to a new level with massive scans of the IPv4 Internet. We hope to finish scanning a significant portion of the Internet (if not the whole thing) in time for Black Hat as part of our Worldscan project. Nmap author Fyodor will present our most interesting findings and empirical statistics from these scans, along with practical advice for improving your own scan performance. Additional topics include detecting and subverting firewall and intrusion detection systems, dealing with quirky network configurations, and advanced host discovery and port scanning techniques. A quick overview of new Nmap features will also be provided.

Fyodor Vaskovich

Fyodor (known to his family as Gordon Lyon) authored the open source Nmap Security Scanner in 1997 and continues to coordinate its development. He also maintains the Insecure.Org, Nmap.Org, SecLists.Org, and SecTools.Org security resource sites and has authored seminal papers on stealth port scanning, remote operating system detection, version detection, and the IPID Idle Scan. He is a founding member of the Honeynet project and co-author of the books "Know Your Enemy:Honeynets" and "Stealing the Network:How to Own a Continent". His newest book, Nmap Network Scanning, is due for release this year. Fyodor is President of Computer Professionals for Social Responsibility (CPSR), which has been promoting free speech, privacy, and useful technology since 1981.

Satan is on My Friends List: Attacking Social Networks

by Shawn Moyer and Nathan Hamiel

Social Networking is shaping up to be the perfect storm. An implicit trust of those in ones network or social circle, a willingness to share information, little or no validation of identity, the ability to run arbitrary code (in the case of user-created apps) with minimal review, and a tag soup of client-side user-generated HTML. Yikes.

But enough about pwning the kid from homeroom who copied your calc homework. With the rise of business social networking sites, there are now thousands of public profiles with real names and titles of people working for major banks, the defense and aerospace industry, federal agencies, the US Senate... A target-rich and trusting environment for custom-tailored, laser-focused attacks.

Shawn Moyer and Nathan Hamiel

Shawn Moyer is CISO of Agura Digital Security, a web and network security consultancy. He has led security projects for major multinational corporations and the federal government, written for Information Security magazine, and spoken previously at BH and other conferences.

Shawn is currently working on a slash fanfic adaptation of 2001:A Space Odyssey, told from the perspective of Hal9000. He only accepts friend requests on Facebook if they include a DNA sample and a scanned copy of a valid driver's license or passport.

Nathan Hamiel is a Senior Consultant for Idea Information Security and the founder of the Hexagon Security Group. He is also an Associate Professor at the University of Advancing Technology. Nathan has previously presented at numerous other conferences including DefCon, Shmoocon, Toorcon, and HOPE.

Natahan spent much of DefCon 15 without shoes and is planning ahead this year with a defense-in-depth approach that includes failover footwear. He has 1,936 people in his extended network, and finds that disturbing on a number of levels.

The Internet is Broken: Beyond Document.Cookie - Extreme Client Side Exploitation

Nathan McFeters, John Heasman, Rob Carter

The dangers of client-side threats such as XSS and CSRF are well understood in the context of vulnerable web applications. Furthermore, the dangers of malicious script as a vehicle for exploiting browsers flaws and reconnoitering the Intranet have been discussed at length. Now what if XSS and CSRF could be leveraged to directly to compromise the host... by design?

Nathan McFeters is a Senior Security Advisor for Ernst & Young's Advanced Security Center (ASC) and is currently serving in a Security Evangelist role for the ASC based out of Chicago, IL. Nathan has performed web application, deep source code, Internet, Intranet, wireless, dial-up, and social engineering engagements for several clients in the Fortune 500 during his career at Ernst & Young.

John Heasman is the VP of Research for the US arm of NGS Software, a UK-based company with offices in Seattle. NGS carries out sophisticated security assessments for the world's leading software vendors and financial institutions.

Rob Carter is a Security Advisor for Ernst & Young's Advanced Security Center in Houston, TX. He has performed web application, internet, intranet, social engineering and wireless penetration tests for multiple Fortune 500 clients. Rob's primary area of interest is in web application security research and tool development.

Secure the Planet! New Strategic Initiatives from Microsoft to Rock Your World

Has Microsoft lost its mind??!! Yes and no! Three top security dudes (one technically being a dudette) at Microsoft have come up with three new programs that will change the face of the vulnerability industry.

Mike Reavey - as group manager of the Microsoft Security Response Center (MSRC) at Microsoft Corp., Mike Reavey works with security teams to proactively identify and communicate critical software vulnerabilities to customers. Building on Microsoft’s commitment to Trustworthy Computing,

Steve Adegbite aka Capn Steve Adegbite is a Senior Security Strategist in the MSRC Security Ecosystem Strategy Team, working in the group that is responsible for securing current and future Microsoft products.

Katie Moussouris is a Security Strategist in the MSRC Security Ecosystem Strategy Team, working in the group that is responsible for securing current and future Microsoft products.




Webcast Sponsor

Microsoft Corporation