Black Hat Briefings, Las Vegas 2005 [Audio] Presentations From The Security Conference podcast

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Player FM - Internet Radio Done Right

Hozzáadva kilenc éve

A tartalmat a Black Hat / CMP and Jeff Moss biztosítja. Az összes podcast-tartalmat, beleértve az epizódokat, grafikákat és podcast-leírásokat, közvetlenül a Black Hat / CMP and Jeff Moss vagy a podcast platform partnere tölti fel és biztosítja. Ha úgy gondolja, hogy valaki az Ön engedélye nélkül használja fel a szerzői joggal védett művét, kövesse az itt leírt folyamatot https://hu.player.fm/legal.

Young and Profiting with Hala Taha (Entrepreneurship, Sales, Marketing)

1
Dave Ramsey: 5 Stages to Build and Scale a Business That Lasts | Entrepreneurship | E344 1:03:38

22 napja1:03:38

Lejátszás később

Listák

Tetszik

Kedvelt

1:03:38

Too many entrepreneurs get stuck on the business treadmill, hustling nonstop, unable to scale, and unknowingly stalling their growth. That’s where Dave Ramsey began. After crashing into $3 million in debt, he rebuilt from scratch, turning a small radio program into a national show with millions of listeners. With over three decades of experience in entrepreneurship, business growth, and content creation, he knows what it takes to build a lasting business. In this episode, Dave reveals the six drivers of long-term success, the five key stages of startup growth, and how he balances life as an entrepreneur and a content creator. In this episode, Hala and Dave will discuss: (00:00) Introduction (00:23) The Core Principles of Financial Freedom (05:42) Adapting to Change as a Content Creator (09:22) Balancing Content Creation and Entrepreneurship (12:34) How to Create a Clear Path in Business (15:19) The Truth About Starting a Business Today (18:22) The Six Drivers of Business Success (26:20) Shifting From Tactical to Strategic Thinking (29:44) The Five Stages of Business Growth (41:10) Leading with Care, Clarity, and Accountability (47:10) Identifying the Right Leadership Skills (48:35) Starting a Media Business as an Entrepreneur Dave Ramsey is a personal finance expert, radio personality, bestselling author, and the founder and CEO of Ramsey Solutions. Over the past three decades, he has built a legacy of helping millions achieve financial freedom. As the host of The Ramsey Show , Dave reaches more than 18 million listeners each week. He is the author of eight national bestselling books. His latest, Build a Business You Love , helps entrepreneurs navigate growth and overcome challenges at every stage. Sponsored By: Shopify - Sign up for a one-dollar-per-month trial period at youngandprofiting.co/shopify OpenPhone: Streamline and scale your customer communications with OpenPhone. Get 20% off your first 6 months at openphone.com/profiting Airbnb - Find yourself a co-host at airbnb.com/host Indeed - Get a $75 sponsored job credit at indeed.com/profiting RobinHood - Receive your 3% boost on annual IRA contributions, sign up at robinhood.com/gold Factor - Get 50% off your first box plus free shipping at factormeals.com/factorpodcast Rakuten - Save while shopping at rakuten.com Microsoft Teams - Stop paying for tools. Get everything you need, for free at aka.ms/profiting LinkedIn Marketing Solutions - Get a $100 credit on your next campaign at linkedin.com/profiting Resources Mentioned: Dave’s Book, Build a Business You Love: bit.ly/BuildaBusinessYouLove Dave’s Website: ramseysolutions.com Active Deals - youngandprofiting.com/deals Key YAP Links Reviews - ratethispodcast.com/yap Youtube - youtube.com/c/YoungandProfiting LinkedIn - linkedin.com/in/htaha/ Instagram - instagram.com/yapwithhala/ Social + Podcast Services: yapmedia.com Transcripts - youngandprofiting.com/episodes-new Entrepreneurship, Entrepreneurship Podcast, Business, Business Podcast, Self Improvement, Self-Improvement, Personal Development, Starting a Business, Strategy, Investing, Sales, Selling, Psychology, Productivity, Entrepreneurs, AI, Artificial Intelligence, Technology, Marketing, Negotiation, Money, Finance, Side Hustle, Mental Health, Career, Leadership, Mindset, Health, Growth Mindset, Side Hustle, Passive Income, Online Business, Solopreneur, Networking.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Megosztás

Sorozat kép•Feed

Past speeches and talks from the Black Hat Briefings computer security conferences.
The Black Hat Briefings USA 2005 was held July 27-28 in Las Vegas at Caesars Palace.
A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-05/bh-usa-05-index.html
Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and global corporations with the underground's most respected hackers. These forums take place regularly in Las Vegas, Washington D.C., Amsterdam, and Tokyo
Video, audio and supporting materials from past conferences will be posted here, starting with the newest and working our way back to the oldest with new content added as available! Past speeches and talks from Black Hat in an iPod friendly .mp3 cbr 64k audio format. If you want to get a better idea of the presentation materials go to http://www.blackhat.com/html/bh-media-archives/bh-multi-media-archives.html#USA-2005 and download them. Put up the .pdfs in one window while listening the talks in the other. Almost as good as being there!

61 epizódok

#Tech #Blackhat Breifings And Training #Blackhat Usa 2005 #Black Hat Vegas #Blackhat Vegas #Hacking #Computer Security #Speeches #Presentations #Spoken Word #Video #Audio #Tech News #Jeff Moss #Podcasting #Conventions

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

updated 19 éve

Megosztás

Sorozat kép•Feed

61 epizódok

Minden epizód

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Philip R. Zimmermann: The Unveiling of My Next Big Project 50:49

19 years50:49

50:49

Philip R. Zimmermann is the creator of Pretty Good Privacy. For that, he was the target of a three-year criminal investigation, because the government held that US export restrictions for cryptographic software were violated when PGP spread all around the world following its 1991 publication as freeware. Despite the lack of funding, the lack of any paid staff, the lack of a company to stand behind it, and despite government persecution, PGP nonetheless became the most widely used email encryption software in the world. Phil has been working on a new project and plans to have freeware ready for all Black Hat attendees.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Adam L. Young: Building Robust Backdoors In Secret Symmetric Ciphers 48:55

19 years48:55

48:55

This talk will present recent advances in the design of robust cryptographic backdoors in secret symmetric ciphers (i.e., classified or proprietary ciphers). The problem directly affects end-users since corporations and governments have in the past produced secret symmetric ciphers for general use (e.g., RC4 and Skipjack, respectively). The problem itself is challenging since it involves leaking secret key material in the ciphertexts that are produced by a deterministic function, whereas traditional subliminal channels have relied on the use of randomized cryptographic algorithms. Such attacks can be regarded as advanced Trojan horse attacks since the secret block cipher securely and subliminally transmits the symmetric key of the sender and receiver to the malicious designer and confidentiality holds even when the cipher is made public. The material that will be surveyed was published in Fast Software Encryption (FSE '98), the Australasian Conference on Information Security and Privacy (ACISP '03), and Selected Areas in Cryptography (SAC '04). Adam Young received his BS degree in Electrical Engineering from Yale University in '94, his MS degree in Computer Science from Columbia University in '96. He was awarded his PhD degree in Computer Science with distinction from Columbia University in '02. He has authored publications in IEEE Foundations of Computer Science, Crypto, Eurocrypt, Asiacrypt, Security in Communication Networks (SCN), Fast Software Encryption, Algorithmic Number Theory Symposium (ANTS), PKC, CT-RSA, SAC, IEEE Security and Privacy, Cryptographic Hardware and Embedded Systems (CHES), ACISP, and the IEEE Information Assurance Workshop. He is the author of the book "Malicious Cryptography: Exposing Cryptovirology" that is co-authored with Dr. Moti Yung. Adam has given invited talks at Xerox PARC, MITRE, Bell Labs, NYU, Sandia National Labs, the Naval Postgraduate School, the AMS-MMS special session on coding theory and cryptography, and the 2nd International Conference on Advanced Technologies for Homeland Security (ICATHS '04). In April Adam will be giving a talk at the DIMACS Workshop on Theft in E-Commerce that is being held at Rutgers University. Adam's work experience includes serving as a cryptographic consultant for CertCo, Inc., performing research for Lucent as a Member of Technical Staff, acting as a Principal Engineer for Lockheed Martin Global Telecommunications, and conducting Federally funded research for the DoD.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Alex Wheeler and Neel Mehta: Owning Anti-Virus: Weaknesses in a Critical Security Component 1:05:10

19 years1:05:10

1:05:10

AV software is becoming extremely popular because of the its percieved protection. Even the average person is aware they want AV on their computer (see AOL, Netscape, Netzero, Earthlink, and other ISP television ads). What if: Instead of protecting ppl from hackers AV software was actually making it easier for hackers? This talk will outline general binary auditing techniques using AV software as an example, and demonstrate examples of remote AV vulnerabilities discovered using those techniques. Alex Wheeler is a security researcher, who specializes in reversing engineering binaries for security vulnerabilities. His research experience was cultivated during his time with ISS X-Force, which he spent auditing critical network applications and technologies for security vulnerabilities. Alex's recent audit focus on AV products has lead to the discovery of serious systemic and point vulnerabilities in many major AV products. Neel Mehta works as an application vulnerability researcher at ISS X-Force, and like many other security researchers comes from a reverse-engineering background. His reverse engineering experience was cultivated through extensive consulting work in the copy protection field, and has more recently been focused on application security. Neel has done extensive research into binary and source-code auditing, and has applied this knowledge to find many vulnerabilities in critical and widely deployed network applications.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Paul Vixie: Preventing Child Neglect in DNSSEC-bis using Lookaside Validation 1:15:01

19 years1:15:01

1:15:01

Paul Vixie has been contributing to Internet protocols and UNIX systems as a protocol designer and software architect since 1980. Early in his career, he developed and introduced sends, proxynet, rtty, cron and other lesser-known tools. Today, Paul is considered the primary modern author and technical architect of BINDv8 the Berkeley Internet Name Domain Version 8, the open source reference implementation of the Domain Name System (DNS). He formed the Internet Software Consortium (ISC) in 1994, and now acts as Chairman of its Board of Directors. The ISC reflects Paul's commitment to developing and maintaining production quality open source reference implementations of core Internet protocols. More recently, Paul cofounded MAPS LLC (Mail Abuse Prevention System), a California nonprofit company established in 1998 with the goal of hosting the RBL (Realtime Blackhole List) and stopping the Internet's email system from being abused by spammers. Vixie is currently the Chief Technology Officer of Metromedia Fiber Network Inc (MFNX.O). Along with Frederick Avolio, Paul co-wrote "Sendmail: Theory and Practice" (Digital Press, 1995). He has authored or co-authored several RFCs, including a Best Current Practice document on "Classless IN-ADDR.ARPA Delegation" (BCP 20). He is also responsible for overseeing the operation of F.root-servers.net, one of the thirteen Internet root domain name servers.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Andrew van der Stock: World Exclusive - Announcing the OWASP Guide To Securing Web Applications and Services 2.0 53:49

19 years53:49

53:49

After three years of community development, the Open Web Application Security Project (OWASP) is proud to introduce the next generation of web application security standards at BlackHat USA 2005. The Guide to Securing Web Applications and Services 2.0 is a major new release - written from the ground up, with many new sections covering common and emerging risks, including: * How to design more secure software * How to conduct a security review using the Guide * How to perform the most difficult web application processes correctly: processing credit cards, interacting with payment gateways (such as PayPayl), and anti-phishing controls * Reorganized and easily navigated chapters on web application controls including: web services, comprehensive authentication and authorization controls, session management, data validation, interpreter injection, and many new controls within existing chapters * Secure configuration and deployment * And software quality assurance. The Guide has adopted and extended the popular OWASP Top 10 approach - security objectives, how to identify if you are at risk, with recommended remediations in three popular frameworks, and further reading. The Guide is platform neutral, and has examples in J2EE, ASP.NET and PHP. The Guide 2.0 is on the conference materials CD-ROM in its entirety. As it is free (as in beer as well as in freedom), you can redistribute or print it as often as you wish. To demonstrate the incredible versatility of the Guide and its pragmatic approach, we will be conducting a live security review of software selected at random by the audience. To perform the review demonstration, we will be using just a few off-the-shelf web development tools with Firefox to demonstrate how easy it is to subvert the average application, and how simple it is to fix issues properly by using the Guide. We expect this talk will be useful to all attendees, but those who set secure coding standards within their organization, manage risk from custom software, manage software development or are software architects or developers will benefit the most from attending this session. Andrew van der Stock is among the many contributors to the OWASP project over the years. Andrew has presented at many conferences, including BlackHat USA, linux.conf.au, and AusCERT, and is a leading Australian web application researcher. He helps run the OWASP Melbourne chapter, started the OWASP Sydney chapter, and is ex-President of SAGE-AU, the System Administrator's Guild of Australia. You can read more about OWASP, the Open Web Application Security Project at http://www.owasp.org/ and you can read more about Andrew at http://www.greebo.net/>…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Eugene Tsyrklevich: Ozone HIPS: Unbreakable Windows 1:16:57

19 years1:16:57

1:16:57

Windows is the number one target on the Internet today. It takes less than 5 minutes for an unpatched Windows machine, connected to the Internet, to get owned. Yet the most prevalent security practices still consist of running anti-viruses and constant patching. This presentation introduces a new tool, called Ozone, that is designed to protect against most of the commonly exploited attack vectors. To protect against the most common of these, buffer overflows, Ozone uses an address space randomization technique. In addition, Ozone runs all processes in a sandbox that severely limits what a compromised process is allowed to do. Finally, Ozone protects itself and the underlying operating system against further attacks. Eugene Tsyrklevich has an extensive security background ranging from designing and implementing Host Intrusion Prevention Systems to training people in research, corporate, and military environments. Eugene has presented his research at a number of security conferences including Usenix Security, BlackHat Europe and BlackHat USA. Eugene holds both a Bachelor and a Masters degree in Computer Science from the University of California, San Diego…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Michael Sutton and Adam Greene: The Art of File Format Fuzzing 43:18

19 years43:18

43:18

In September 2004, much hype was made of a buffer overflow vulnerability that existed in the Microsoft engine responsible for processing JPEG files. While the resulting vulnerability itself was nothing new, the fact that a vulnerability could be caused by a non-executable file commonly traversing public and private networks was reason for concern. File format vulnerabilities are emerging as more and more frequent attack vector. These attacks take advantage of the fact that an exploit can be carried within non-executable files that were previously considered to be innocuous. As a result, firewalls and border routers rarely prevent the files from entering a network when included as email attachments or downloaded from the Internet. As with most vulnerabilities, discovering file format attacks tends to be more art than science. We will present various techniques that utilize file format fuzzing that range from pure brute force fuzzing to intelligent fuzzing that requires an understanding of the targeted file formats. We will present a methodology for approaching this type of research and address issues such as automating the process. Techniques will be discussed to address challenges such as attacking proprietary file formats, overcoming exception handling and reducing false positives. The presentation will include demonstrations of fuzzing tools designed for both the *nix and Windows platforms that will be released at the conference and the disclosure of vulnerabilities discovered during the course of our research. Michael Sutton is a Director for iDEFENSE, a security intelligence company located in Reston, VA. He heads iDEFENSE Labs and the Vulnerability Aggregation Team (VAT). iDEFENSE Labs is the research and development arm of the company, which is responsible for discovering original security vulnerabilities in hardware and software implementations, while VAT focuses on researching publicly known vulnerabilities. His other responsibilities include developing tools and methodologies to further vulnerability research, and managing the iDEFENSE Vulnerability Contributor Program (VCP). Prior to joining iDEFENSE, Michael established the Information Systems Assurance and Advisory Services (ISAAS) practice for Ernst and Young in Bermuda. He is a frequent presenter at information security conferences. Michael obtained his Certified Information Systems Auditor (CISA) designation in 1998 and is a member of Information Systems Audit and Control Association (ISACA). He has completed a Master of Science in Information Systems Technology degree at George Washington University, has a Bachelor of Commerce degree from the University of Alberta and is a Chartered Accountant. Outside of the office, he is a Sergeant with the Fairfax Volunteer Fire Department. Adam Greene is a Security Engineer for iDEFENSE, a security intelligence company located in Reston, VA. His responsibilities at iDEFENSE include researching original vulnerabilities and developing exploit code as well as verifying and analyzing submissions to the iDEFENSE Vulnerability Contributor Program. His interests in computer security lie mainly in reliable exploitation methods, fuzzing, and UNIX based system auditing and exploit development. In his time away from computers he has been known to enjoy tea and foosball with strange old women.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Alex Stamos and Scott Stender: Attacking Web Services: The Next Generation of Vulnerable Enterprise Apps 1:12:18

19 years1:12:18

1:12:18

Web Services represent a new and unexplored set of security-sensitive technologies that have been widely deployed by large companies, governments, financial institutions, and in consumer applications. Unfortunately, the attributes that make web services attractive, such as their ease of use, platform independence, use of HTTP and powerful functionality, also make them a great target for attack. In this talk, we will explain the basic technologies (such as XML, SOAP, and UDDI) upon which web services are built, and explore the innate security weaknesses in each. We will then demonstrate new attacks that exist in web service infrastructures, and show how classic web application attacks (SQL Injection, XSS, etc) can be retooled to work with the next-generation of enterprise applications. The speakers will also demonstrate some of the first publicly available tools for finding and penetrating web service enabled systems. Alex Stamos is a founding partner of iSEC Partners, LLC, a strategic digital security organization, with several years experience in security and information technology. Alex is an experienced security engineer and consultant specializing in application security and securing large infrastructures, and has taught many classes in network and application security. Before he helped form iSEC Partners, Alex spent two years as a Managing Security Architect with @stake. Alex performed as a technical leader on many complex and difficult assignments, including a thorough penetration test and architectural review of a 6 million line enterprise management system, a secure re-design of a multi-thousand host ASP network, and a thorough analysis and code review of a major commercial web server. He was also one of @stake's West Coast trainers, educating select technical audiences in advanced network and application attacks. Before @stake, Alex had operational security responsibility over 50 Fortune-500 web applications. He has also worked at a DoE National Laboratory. He holds a BSEE from the University of California, Berkeley, where he participated in research projects related to distributed secure storage and automatic C code auditing. Scott Stender is a founding partner of iSEC Partners, LLC, a strategic digital security organization. Scott brings with him several years of experience in large-scale software development and security consulting. Prior to iSEC, Scott worked as an application security analyst with @stake where he led and delivered on many of @stake's highest priority clients. Before @stake, Scott worked for Microsoft Corporation where he was responsible for security and reliability analysis for one of Microsoft's distributed enterprise applications. In this role, Scott drew on his technical expertise in platform internals, server infrastructure, and application security, combined with his understanding of effective software development processes to concurrently improve the reliability, performance, and security of a product running on millions of computers worldwide. In his research, Scott focuses on secure software engineering methodology and security analysis of core technologies. Most recently, Scott was published in the January-February 2005 issue of "IEEE Security and Privacy", where he co-authored a paper entitled "Software Penetration Testing". He holds a BS in Computer Engineering from the University of Notre Dame.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
spoonm and skape: Beyond EIP 30:38

19 years30:38

30:38

When we built Metasploit, our focus was on the exploit development process. We tried to design a system that helped create reliable and robust exploits. While this is obviously very important, it's only the first step in the process. What do you do once you own EIP? Our presentation will concentrate on the recent advancements in shellcode, IDS/firewall evasion, and post-exploitation systems. We will discuss the design and implementation of the technologies that enable complex payloads, such as VNC injection, and the suite of tools we've built upon them. We will then present a glimps of the next generation of Metasploit, and how these new advances will serve as it's backbone. Spoonm Since late 2003, spoonm has been one of the core developers behind the Metasploit Project. He is responsible for much of the architecture in version 2.0, as well as other components including encoders, nop generators, and a polymorphic shellcode engine. A full-time student at a northern university, spoonm spends too much of his free time on security research projects. Skape Skape is a lead software developer by day and an independent security researcher by night. He joined forces with the Metasploit project in 2004 where his many contributions have included the Meterpreter, VNC injection, and many other payload advances. Skape has worked on a number of open-source projects and has authored several papers on security related technologies. His current security related interests include post-exploitation technologies, payload development and optimization, and exploitation prevention technology.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Sherri Sparks and Jamie Butler: "Shadow Walker" - Raising The Bar For Rootkit Detection 1:14:10

19 years1:14:10

1:14:10

Last year at Black Hat, we introduced the rootkit FU. FU took an unprecented approach to hiding not previously seen before in a Windows rootkit. Rather than patching code or modifying function pointers in well known operating system structures like the system call table, FU demonstrated that is was possible to control the execution path indirectly by modifying private kernel objects in memory. This technique was coined DKOM, or Direct Kernel Object Manipulation. The difficulty in detecting this form of attack caused concern for anti-malware developers. This year, FU teams up with Shadow Walker to raise the bar for rootkit detectors once again. In this talk we will explore the idea of memory subversion. We demonstrate that is not only possible to hide a rootkit driver in memory, but that it is possible to do so with a minimal performance impact. The application (threat) of this attack extends beyond rootkits. As bug hunters turn toward kernel level exploits, we can extrapolate its application to worms and other forms of malware. Memory scanners beware the axiom, 'vidre est credere' . Let us just say that it does not hold the same way that it used to. Sherri Sparks is a PhD student at the University of Central Florida. She received her undergraduate degree in Computer Engineering and subsequently switched to Computer Science after developing an interest in reverse code engineering and computer security. She also holds a graduate certificate in Computer Forensics. Currently, her research interests include offensive / defensive malicious code technologies and related issues in digital forensic applications. Jamie Butler is the Director of Engineering at HBGary, Inc. specializing in rootkits and other subversive technologies. He is the co-author and a teacher of "Aspects of Offensive Rootkit Technologies" and co-author of the upcoming book "Rootkits: Subverting the Windows Kernel" due out late July. Prior to accepting the position at HBGary, he was a senior developer on the Windows Host Sensor at Enterasys Networks, Inc. and a computer scientist at the NSA. He holds a MS in CS from UMBC and has published articles in the IEEE IA Workshop proceedings, Phrack, USENIX login, and Information Management and Computer Security. Over the past few years his focus has been on Windows servers concentrating in host based intrusion detection and prevention, buffer overflows, and reverse engineering. Jamie is also a contributor at rootkit.com.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Derek Soeder and Ryan Permeh: eEye BootRoot 1:13:44

19 years1:13:44

1:13:44

This presentation will cover the eEye BootRoot project, an exploration of technology that boot sector code can use to subvert the Windows NT-family kernel and retain the potential for execution, even after Windows startup-a topic made apropos by the recent emergence of Windows rootkits into mainstream awareness. We will provide some brief but technical background on the Windows startup process, then discuss BootRoot and related technology, including a little-known stealth technique for low-level disk access. Finally, we will demonstrate the proof-of-concept BootRootKit, loaded from a variety of bootable media. Derek Soeder is a Software Engineer and after-hours researcher at eEye Digital Security. In addition to participating in the ongoing development of eEye's Retina Network Security Scanner product, Derek has also produced a number of internal technologies and is responsible for the discovery of multiple serious security vulnerabilities. His main areas of interest include operating system internals and machine code-level manipulation. Ryan Permeh is a Senior Software Engineer at eEye Digital Security. He focuses mainly on the Retina and SecureIIS product lines. He has worked in the porting of nmap and libnet to Windows, as well as helping with disassembly and reverse engineering, and exploitation efforts within the eEye research team.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Paul Simmonds: The Jericho Challenge - Finalist Architecture Presentations and Awards 41:11

19 years41:11

41:11

The days of the corporate network, completely isolated with a well-secured outer shell are long gone; yet we continue to cling to this model. Global networks with no borders, offer the potential of substantial savings in communications costs, maximum network agility and instant connectivity for clients and partners. Can you secure this incredibly compelling business model, and provide a long-term business case for security where security contributes to the corporate bottom line? Can the CISO be seen as a true partner in corporate strategic thinking? What does business need from its suppliers to make this a feasible reality? What do you need to be doing now to achieve this goal? The Jericho Challenge is an industry-wide competition with for secure architecture design and related Jericho compliancy concepts, available at http://www.jerichoforum.org. The top three finalists will present their papers during this session. Judges will give cash awards to papers that contribute most to the debate on Jericho Architecture. Contact challenge@jerichofoum.org for entrance rules and regulations. Paul Simmonds joined ICI in 2001 when he was recruited to head up Information Security for ICI, working for the CIO Office in London. Prior to joining ICI he spent a short time with a high security European web hosting company as Head of Information Security, and before that seven years with Motorola, again in a global information security role. Paul is also a founding member of the Jericho Forum, a pan-global grouping of corporate companies working to define the issues and benefits of operating in a deperimiterised environment. In his career he has worked with many external agencies, including the FBI, Scotland Yard, Wiltshire Computer Crime and Wiltshire Child protection. He has also been directly involved in two successful criminal prosecutions, giving evidence in one case. Paul has a degree in Electronic Engineering and a City and Guilds in Radio Communication and is also a qualified kayak coach. He came to the Information Security field from a background in IT Systems Implementation and consultancy during which he wrote and implemented one of the UK's first web sites. He is married with three children and a very understanding wife and in the little spare time that he has teaches canoeing and runs charity radio stations.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
SensePost: Automation - Deus ex Machina or Rube Goldberg Machine? 1:06:46

19 years1:06:46

1:06:46

How far can automation be taken? How much intelligence can be embodied in code? How generic can automated IT security assessment tools really be? This presentation will attempt to show which areas of attacks lend themselves to automation and which aspects should best be left for manual human inspection and analyses. SensePost will provide the audience a glimpse of BiDiBLAH - an attempt to automate a focussed yet comprehensive assessment. The tool provides automation for: * Finding networks and targets * Fingerprinting targets * Discovering known vulnerabilities on the targets * Exploiting the vulnerabilities found * Reporting Roelof Temmingh is the Technical Director of SensePost where his primary function is that of external penetration specialist. Roelof is internationally recognized for his skills in the assessment of web servers. He has written various pieces of PERL code as proof of concept for known vulnerabilities, and coded the world-first anti-IDS web proxy "Pudding". He has spoken at many International Conferences and in the past year alone has been a keynote speaker at SummerCon (Holland) and a speaker at The Black Hat Briefings. Roelof drinks tea and smokes Camels. Haroon Meer is currently SensePost's Director of Development (and coffee drinking). He specializes in the research and development of new tools and techniques for network penetration and has released several tools, utilities and white-papers to the security community. He has been a guest speaker at many Security forums including the Black Hat Briefings. Haroon doesnt drink tea or smoke camels. Charl van der Walt is a founder member of SensePost. He studied Computer Science at UNISA, Mathematics at the University of Heidelberg in Germany and has a Diploma in Information Security from the Rand Afrikaans University. He is an accredited BS7799 Lead Auditor with the British Institute of Standards in London. Charl has a number of years experience in Information Security and has been involved in a number of prestigious security projects in Africa, Asia and Europe. He is a regular speaker at seminars and conferences nationwide and is regularly published on internationally recognized forums like SecurityFocus. Charl has a dog called Fish.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Mike Pomraning: Injection Flaws: Stop Validating Your Input 29:21

19 years29:21

29:21

Years after the debut of XSS and SQL Injection, each passing week sees newly disclosed vulnerabilities ready to be exploited by these same techniques. Labelling all of these as "input validation flaws" isn't helping anymore. In this Turbo Talk we turn the situation upside-down to get a better perspective, and cover specific techniques to address the problems. Mike Pomraning is a systems and process troubleshooter, finding trouble and shooting it. He works for SecurePipe, Inc., a managed security services provider, and holds a CISSP. He prefers to debug application misbehavior with code traces, kernel traces and packet dumps, though at higher layers he prefers dialogue and audit. Along the way has written a few helpful programs, including pynids, a python wrapper to the libnids NIDS framework, and more perl than he can recall.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Ejovi Nuwere and Mikko Varpiola: The Art of SIP fuzzing and Vulnerabilities Found in VoIP 1:04:21

19 years1:04:21

1:04:21

This presentation will cover SIP and VoIP related automated fuzzing techniques. Using real world vulnerabilities and audit engagements we will give a technical understanding of this emerging technology and its common attack vectors. The techniques discussed in this talk will not only be limited to SIP but will apply to methodical audit approaches for fuzzing text based protocols which can be more complex then fuzzing binary protocols. This talk will include: * 0 day vulnerabilities (or one day) * Example fuzzing scripts * Proof of concept code Ejovi Nuwere is the founder of SecurityLab Technologies. Nuwere gained media attention and international recognition for his highly publicized security audit of Japan's National ID system--JukiNet. Nuwere is the Chief Technology Officer of SecurityLab Technologies where he heads the companies VoIP security auditing group. He currently lives in Boston and is working on his second book, Practical Penetration Testing (O'Reilly). Mikko Varpiola is the head of test tool development at Codenomicon. His specific area of expertise is in anomaly design - e.g. what to feed into software to make it fail. Before Codenomicon he worked as a researcher in the acclaimed PROTOS project at Oulu University Secure Programming Group (OUSPG).…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Mudge aka Peiter Mudge Zatko: Economics, Physics, Psychology and How They Relate to Technical Aspects of Counter Intelligence/Counter Espionage Within Information Security 1:11:11

19 years1:11:11

1:11:11

The computer and network security fields have made little progress in the past decade. The rhetoric that the field is in an arms race; attacks are becoming more complicated and thus defenses are always in a keep-up situation makes little sense when 10 year old root kits, BGP and DNS attacks that have been widely publicized for years, and plain-text communications streams are still being taken advantage of. This talk looks at the environment without being skewed by currently marketed solutions. It then presents corollaries for environments in different disciplines, such as economics and physics, talks to certain psychological situations that prohibit researchers and organizations from being able to correctly address the problems, maps these solutions into Counter Intelligence and Counter Espionage models and finally applies them to low level network and systems communications. This presentation involves audience participation to point out ways of breaking the helplessness cycle (for the defensive side) or to better target areas for exploitation (for the offensive side). "Mudge" - Peiter Mudge Zatko Better known as Mudge, the hacker who testified to the Senate that he could "take the Internet down in 30 minutes", Zatko has been a pioneer of the commercial information security and warfare sector since the 1980s. The leader of the hacker think-tank "L0pht", he founded @stake and Intrusic and currently works as a Division Scientist for BBN Technologies (the company that designed and built the Internet). Mudge is the creator of L0phtCrack - the premier MS password auditor, SLINT - the first source code vulnerability auditing system, AntiSniff - the first commercial promiscuous system network detection tool, and Zephon - Intrusic's flagship product focused on Counter Intelligence / Counter Espionage for corporate Insider-Threat. His other software works are now included in several distributions of commercial and public domain operating systems. As a lecturer and advisor Mudge has contributed to the CIA's critical National security mission, was recognized as a vital contributor to the success of the President's Scholarship for Service Program by the NSC, has briefed Senators, the former Vice President and President of the United States, and has provided testimony to the US Senate multiple times. An honorary plank owner of the USS McCampbell and referenced as part of 'U.S. History' in Trivial Pursuit, his mission remains constant to "make a dent in the universe".…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Shawn Moyer: Owning the C-suite: Corporate Warfare as a Social Engineering Problem 18:36

19 years18:36

18:36

Let's face it, you ROCK at building InfoSec tech, but you SUCK at corporate warfare. Sooner or later, you WILL have to sit in a boardroom with the suits and justify your existence. If you approach your own survival and that of your security team's as a Social Engineering problem, it can not only work for you, but it can be FUN. Don't let them own you, own THEM. Shawn Moyer is a Lead Security Product Manager for InfoSec for one of the US's largest finance companies. He has lots of three and four letter acronyms after his name, and has led InfoSec teams at startups and smaller companies in the past. He has spent much of his career getting people who hate security to love it, and finding ways to get non-geeky people to see why they need geeks. He has been attending BH and DC for quite a few years, but has managed to keep his mouth shut until now.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Panel: CISO QA with Jeff Moss 1:00:05

19 years1:00:05

1:00:05

Jeff Moss, founder of Black Hat, invites Chief Information Security Officers from global corporations to join him on stage for a unique set of questions and answers. What do CISOs think of Black Hat, David Litchfield, Dan Kaminsky, Joe Grand, Johnny Long, Metasploit, and DEFCON? How many years before deperimeterization is a reality? Is security research more helpful or harmful to the economy? What privacy practices do CISOs personally use? These questions and others from the audience will be fielded by this panel of security visionaries. Scott Blake is Chief Information Security Officer for Liberty Mutual Insurance Group and is responsible for information security strategy and policy. Prior to joining Liberty, Scott was Vice President of Information Security for BindView Corporation where he founded the RAZOR security research team and directed security technology, market, and public affairs strategy. Scott has delivered many lectures on all aspects of information security and is frequently sought by the press for expert commentary. Since 1993, Scott has also worked as a security consultant, IT director, and network engineer. He holds an MA in Sociology from Brandeis University, a BA in Social Sciences from Simon's Rock College, and holds the CISM and CISSP security certifications. Pamela Fusco, CISSP, CISM, CHS-III, Chief Security Officer, Merck and Co., Inc. Pamela Fusco is an Executive Global Information Security Professional, for Merck and CO., Inc. She has accumulated over 19 years of substantial experience within the Security Industry. Her extensive background and expertise expand globally encompassing all facets of security inclusive of logical, physical, personal, facilities, systems, networks, wireless, and forensic investigations. Presently she leads a talented team of Compliance, Systems and Information Security Engineers operating a world-wide 24X7X365 SIRT (security incident response team). Andre Gold is currently Director of Information Security at Continental Airlines, one of the world's largest and most successful commercial and freight transportation providers. Before assuming his current role, Mr. Gold served as Technical Director of Internet Services, responsible for Continental's continental.com property, which contributes over a billion dollars a year in revenue for Continental. Prior to Continental Airlines, Inc. Mr. Gold worked as a consultant in the IT industry. Mr. Gold has a BBA in Computer Information Systems from the University of Houston-Downtown and received his commission in the Army from Wentworth Military Academy. In addition to his position at Continental, Mr. Gold servers on the Microsoft Chief Security Officer Council, the Skyteam Data Privacy and Security Subcommittee, as well as eEye Digital Security's Executive Advisory Council. Ken Pfeil is CSO at Capital IQ, a web-based information service company headquartered in New York City. His experience spans over two decades with companies such as Microsoft, Dell, Avaya, Identix, and Merrill Lynch. Ken is coauthor of the books "Hack Proofing Your Network - 2nd Edition" and "Stealing the Network - How to Own the Box," and a contributing author of "Security Planning and Disaster Recovery" and "Network Security - The Complete Reference." Justin Somaini is Director of Information Security at VeriSign Inc. where he is responsible for managing all aspects of network and information security for VeriSign. With over 10 years of Information Security and Corporate Audit experience, Justin has leveraged his knowledge of audit and large organizations to remediate global infrastructure problems and create a full risk identification and remediation Information Security group. Previously, Justin was the Director of Information Security Services for Charles Schwab Inc., where he was responsible for all aspects of Information Security Operations. Before that he was a Manager with PricewaterhouseCoopers LLP where he spent several years developing their attack and penetration leadership and audit practice.>…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Panel: The National ID Debate 1:12:08

19 years1:12:08

1:12:08

As a result of the Real-ID Act, all American citizens will have an electronically readable ID card that is linked to the federal database by May 2008. This means that in three years we will have a National ID card system that is being unilaterally controlled by one organization (DHS) whether we want it or not. Organizations such as the ACLU are already exploring opportunities for litigation. Privacy advocates cite Nazi Germany and slippery slopes, while the government waves the anti-terrorism flag back in their faces. Compromises and alternate solutions abound. Join us for a lively debate/open forum as an attempt to find a useable solution to this sticky problem. We will review solutions from the AMANA as well as ask why passports are not considered to be a privacy problem in the same ways. Would a National ID card make us safer? What to do about 15 million illegal immigrants? If college students can fake an ID, why can't a terrorist? What civil rights are abrogated by requiring everyone to possess an ID? What problem are we trying to solve anyway and will federal preemption address them? David Mortman, Chief Information Security Officer for Siebel Systems, Inc., and his team are responsible for Siebel Systems' worldwide IT security infrastructure, both internal and external. He also works closely with Siebel's product groups and the company's physical security team and is leading up Siebel's product security and privacy efforts. Previously, Mr. Mortman was Manager of IT Security at Network Associates, where, in addition to managing data security, he deployed and tested all of NAI's security products before they were released to customers. Before that, Mortman was a Security Engineer for Swiss Bank. A CISSP, member of USENIX/SAGE and ISSA, and an invited speaker at RSA 2002 and 2005 security conferences, Mr. Mortman has also been a panelist at InfoSecurity 2003 and Blackhat 2004. He holds a BS in Chemistry from the University of Chicago. Dennis Bailey is the Chief Operating Officer for Comter Systems, a top-secret, 8(a) information technology and management consulting firm based out of Fairfax, Virginia. He is also the author of "The Open Society Paradox: Why the Twenty-First Century Calls for More Openness Not Less", a recently published book which makes the case for secure identification and information sharing. He is active in the fields of identification, information sharing and security. He was a participant in the Sub-group on Identification for the Markle Foundation Task Force on Terrorism. He participates on the ITAA's Identity Management Task Group and is a member of the Coalition for a Secure Driver's License. His education includes a master's degree in political science from American University, where he worked at the Center for Congressional and Presidential Studies. Dennis also has a master's degree in psychology from the University of Dayton, where he worked at the Social Science Research Center. Jim Harper: As director of information policy studies, Jim Harper speaks, writes, and advocates on issues at the intersection of business, technology, and public policy. His work focuses on the difficult problems of adapting law and policy to the unique problems of the information age. Jim is also the editor of Privacilla.org, a Web-based think-tank devoted exclusively to privacy. He is a member of the Department of Homeland Security's Data Privacy and Integrity Advisory Committee. In addition to giving dozens of speeches and participating in panel discussions and debates nationwide, Jim's work has been quoted and cited by USA Today, the Associated Press, and Reuters, to name a few. He has appeared on numerous radio programs and on television, commenting for Fox News, CBS News, and MSNBC. Jim is a native of California and a member of the California bar. He earned his bachelor's degree in political science at the University of California, Santa Barbara, where he focused on American politics and the federal courts. At Hastings College of the Law, Jim served as editor-in-chief of the Hastings Constitutional Law Quarterly. In addition to numerous writings and ghost-writings in the trades and popular press, his scholarly articles have appeared in the Administrative Law Review, the Minnesota Law Review, and the Hastings Constitutional Law Quarterly. Rhonda E. MacLean is a charter member of the Global Council of Chief Security Officers. The Council is a think tank comprised of a group of influential corporate, government and academic security experts dedicated to encouraging dialogue and action to meet the new challenges of global online security. MacLean provided leadership as the Global Chief Information Security Officer for Bank of America from 1996 until 2005. At Bank of America she was responsible for company-wide information security policies and procedures, support for the lines of business in their management of information risk, implementation of security technology, cyber forensics and investigations, and awareness for the company's leadership, associate base and outside suppliers. In that role she provided leadership for a number of company-wide initiatives designed to protect sensitive customer and company information. In addition, under her leadership the bank's corporate information security organization has been a leader in innovation, filing for numerous U.S. Patents in the areas of infrastructure risk management and information security. After many years of service on some of the industry's most important associations, advisory boards and think tanks, she was appointed in 2002 by the Secretary of the Treasury to serve as the financial services sector coordinator for critical infrastructure protection and homeland security. In that role, she established a Limited Liability Corporation which brought together 26 financial service trade associations, utilities and professional institutes to work in partnership with Treasury to create several important industry initiatives designed to ensure industry cooperation and resiliency. She continues to serve as Chairman Emeritus for the Council. In September 2003, The Executive Women's Forum named MacLean one of five "Women of Vision", one of the top business leaders shaping the information security industry. MacLean was named one of the 50 most powerful people in the network industry in NetworkWorld's 2003 and 2004 issues. In recognition of her continued leadership in the security field, she was awarded CSO's Compass Award in 2005. In April 2005, The Friends of a Child's Place, a Charlotte-based advocacy for the homeless, named her one of the "First Ladies of Charlotte" in recognition of her pioneering role in information security and her support for the Charlotte community. MacLean has spent more than 25 years in the information technology industry. Immediately before joining Bank of America, MacLean spent 14 years at The Boeing Company where she was the Senior Information Security Manager for Boeing's proprietary and government programs. She is certified by the Information Systems Audit and Control Association as a Certified Information Security Manager.>…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Robert Morris: The Non-Cryptographic Ways of Losing Information 1:02:59

19 years1:02:59

1:02:59

To fully understand how to protect crucial information in the modern world, one needs to fully understand how the modern spy steals it. Since the glorious days of cryptanalysis during World War II, the art of stealing and protecting information has drastically changed. Using over 25 years of NSA field-stories, this talk will highlight the lesser-known world of stealing data: eavesdropping, theft, purchase, burglary, blackmail, bribery, and the like. Furthermore, my talk will highlight ways one can avoid the common pitfalls of carelessness and overconfidence that give the modern spy a full access pass. Robert Morris received a B.A. in Mathematics from Harvard University in 1957 and a M.A. in Mathematics from Harvard in 1958. He was a member of the technical staff in the research department of Bell Laboratories from 1960 until 1986. On his retirement from Bell Laboratories in 1986 he began work at the National Security Agency. From 1986 to his (second) retirement in 1994, he was a senior adviser in the portion of NSA responsible for the protection of sensitive U.S. information.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
David Maynor: NX: How Well Does It Say NO to Attacker's eXecution Attempts? 36:40

19 years36:40

36:40

NX. It's known by different names to different people. AMD calls it Enhanced Virus Protection, or EVP. Microsoft calls its support Data Execution Prevention, or DEP. After the press about how this new technology will stop hackers and worms in their tracks, many people call it a modern marvel. But this new technology has several layers of confusion surrounding it in regards to where it is implemented, how it protects and even when its on. This talk will unwrap the information while showing that at best NX is a speed bump and not a stop sign to malicious intruders. David Maynor is a research engineer with the ISS Xforce research and development team where his primary responsibilities include reverse engineering high risk applications, researching new evasion techniques for security tools, and researching new threats before they become widespread. Before ISS Maynor spent the 3 years at Georgia Institute of Technology (GaTech), with the last two years as a part of the information security group as an application developer to help make the sheer size and magnitude of security incidents on campus manageable. Before that Maynor contracted with a variety of different companies in a widespread of industries ranging from digital TV development to protection of top 25 websites to security consulting and penetration testing to online banking and ISPs.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Kevin Mandia: Performing Effective Incident Response 59:18

19 years59:18

59:18

During the course of 2004 and 2005, we have responded to dozens of computer security incidents at some of America's largest organizations. Mr. Mandia was on the front lines assisting these organizations in responding to international computer intrusions, theft of intellectual property, electronic discovery issues, and widespread compromise of sensitive data. Our methods of performing incident response have altered little in the past few years, yet the attacks have greatly increased in sophistication. Mr. Mandia addresses the widening gap between the sophistication of the attacks and the sophistication of the incident response techniques deployed by "best practices." During this presentation, Mr. Mandia re-enacts some of the incidents; provides examples of how these incidents impacted organizations; and discusses the challenges that each organization faced. He demonstrates the "state-of-the-art" methods being used to perform Incident Response, and how these methods are not evolving at a pace equal to the threats. He outlines the need for new technologies to address these challenges, and what these technologies would offer. He concludes the presentation by discussing emerging trends and technologies that offer strategic approaches to minimize the risks that an organization faces from the liabilities the information age has brought. Kevin Mandia is an internationally recognized expert in the field of information security. He has been involved with information security for over fifteen years, beginning in the military as a computer security officer at the Pentagon. He has assisted attorneys, corporations, and government organizations with matters involving information security compliance, complex litigation support, computer forensics, expert testimony, network attack and penetration testing, fraud investigations, computer security incident response, and counterintelligence matters. Mr. Mandia established Red Cliff specifically to bring together a core group of industry leaders in this field and solve client's most difficult information security challenges. Prior to forming Red Cliff, Kevin built the computer forensics and investigations group at Foundstone from its infancy to a multi-million dollar global practice that performed civil litigation support and incident response services. As technical and investigative lead, Mr. Mandia responded on-site to dozens of computer security incidents per year. He assisted numerous financial services and large organizations in handling and discretely resolving computer security incidents. He also led Foundstone's computer forensic examiners in supporting numerous criminal and civil cases. He has provided expert testimony on matters involving theft of intellectual property and international computer intrusion cases.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Simple Nomad and MadHat Unspecific: SPA: Single Packet Authorization 19:27

19 years19:27

19:27

We needed a protocol that allowed us to tell a server that we are who we say we are, have it work across NAT, use TCP, UDP, or ICMP as the transport mechanism, act as an extra layer of security, and be secure itself. Oh, and do so with a single packet. Sound crazy? It's actually very useful. We've come up with a Single Packet Authorization (SPA). This is a protocol for a remote user to send in a request to a server which I cannot be replayed and which uniquely identifies the user. The proof-of-concept code alone is worthy of a presentation itself, but SPA is so much more. This is not port-knowcking (although SPA can easily replace port-knocking with something much more secure). MadHat leads the DC214, Dallas Defcon Group and is a member of NMRC. His paying gig is as the Manager of Vernier Threat Labs. Before working at Vernier, MadHat was one of the core security team members for Yahoo and leat the vulnerability assessment and day-to-day security monitoring for Yahoo world-wide. He has written several open source security tools and has contributed to an upcoming book on NMap being written by Fyodor. Simple Nomad is the founder of the Nomad Mobile Research Centre (NMRC), an international group pf hackers that explore technology. By day he works as a Senior Security Analyst for BindView Corporation. He has spent several years developing and testing various computer systems for security strengths. He has authored numerous papers, developed a number of tools for testing the security and insecurity of computer systems, a frequently-sought lecturer at security conferences, and has been quoted in print and television media outlets regarding computer security and privacy.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Johnny Long: Google Hacking for Penetration Testers 8:49

19 years8:49

8:49

Google Hacking returns for more guaranteed fun this year at Blackhat USA! If you haven't caught one of Johnny's Google talks, you definitely should. Come and witness all the new and amazing things that can be done with Google. All new for BH USA 2005, Johnny reveals basic and advanced search techniques, basic and advanced hacking techniques, multi-engine attack query morphing, and zero-packet target foot printing and recon techniques. Check out Google's search-blocking tactics (and see them bypassed), and learn all about using Google to locate targets Google doesn't even know about! But wait, there's more! Act now and Johnny will throw in the all new "Google Hacking Victim Showcase, 2005" loaded with tons of screenshots (and supporting queries) of some of the most unfortunate victims of this fun, addictive and deadly form of Internet nastiness. Think you're too uber to be caught in a Google talk? Fine. Prove your badness. Win the respect of the audience by crushing the live Google Hacking contest! Submit your unique winning query by the end of the talk to win free books from Syngress Publishing and other cool gear! Or don't. Just listen to your friends rave about it. Whatever. Johnny Long is a "clean-living" family guy who just so happens to like hacking stuff. Over the past two years, Johnny's most visible focus has been on this Google hacking "thing" which has served as yet another diversion to a serious (and bill-paying) job as a professional hacker and security researcher for Computer Sciences Corporation. In his spare time, Johnny enjoys making random pirate noises ("Yarrrrr!"), spending time with his wife and kids, convincing others that acting like a kid is part of his job as a parent, feigning artistic ability with programs like Bryce and Photoshop, pushing all the pretty shiny buttons on them new-fangled Mac computers, and making much-too-serious security types either look at him funny or start laughing uncontrollably. Johnny has written or contributed to several books, including "Google Hacking for Penetration Testers" from Syngress Publishing, which has secured rave reviews and has lots of pictures.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
David Litchfield: All New 0-Day 40:11

19 years40:11

40:11

David Litchfield leads the world in the discovery and publication of computer security vulnerabilities. This outstanding research was recognised by Information Security Magazine who voted him as 'The World's Best Bug Hunter' for 2003. To date, David has found over 150 vulnerabilities in many of today's popular products from the major software companies (the majority in Microsoft, Oracle). David is also the original author for the entire suite of security assessment tools available from NGSSoftware. This includes the flagship vulnerability scanner Typhon III, the range of database auditing tools NGSSquirrel for SQL Server, NGSSquirrel for Oracle, OraScan and Domino Scan II. In addition to his world leading vulnerability research and the continued development of cutting edge security assessment software, David has also written or co-authored on a number of security related titles including, "SQL Server Security", "Shellcoder's handbook" and "Special Ops: Host and Network Security for Microsoft, UNIX and Oracle"…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Ben Laurie: CaPerl: Running Hostile Code Safely 46:46

19 years46:46

46:46

There are many circumstances under which we would like to run code we don't trust. This talk presents a method for making that possible with various popular scripting languages-the test case is Perl, but the technique will work with other languages. Also presented is an open source implementation for Perl, and various examples of its use - for instance, a web server that will run arbitrary code uploaded to it. Although some experience of Perl is useful, it is not essential. The basis of the technique is to compile a slightly modified dialect of Perl into capability-enforcing standard Perl, which is then run using a vanilla Perl interpreter. Ben Laurie has worked for years on cryptography and security, particularly in the open source world. Perhaps best known for authoring Apache-SSL, the ancestor of almost all secure free webservers, he is also a core team member of OpenSSL and a founding director of the Apache Software Foundation. In his copious spare time, he is Director of Security for The Bunker Secure Hosting. He has published papers on subjects as diverse as knotted DNA and anonymous money. His current obsessions are privacy and security.…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Alexander Kornbrust: Circumvent Oracle's Database Encryption and Reverse Engineering of Oracle Key Management Algorithms 59:58

19 years59:58

59:58

This talk describes architecture flaws of the Oracle's database encryption packages dbms_crypto and dbms_obfuscation_toolkit. These encryption packages are used to encrypt sensitive information in the database. A hacker can intercept the encryption key and use this key to decrypt sensitive information like clinical data, company secrets or credit card information. Even if a flexible key management algorithm (every row has his own key) is in use it is possible to reverse engineer this algorithm quite fast. A basic knowledge of Oracle databases (PL/SQL) is recommended. Alexander Kornbrust is the founder and CEO of Red-Database-Security GmbH, a company specialised in Oracle security. He is responsible for Oracle security audits and Oracle Anti-hacker trainings. Before that he worked several years for Oracle Germany, Oracle Switzerland and IBM Global Services as consultant. Alexander Kornbrust is working with Oracle products as DBA and developer since 1992. During the last 5 years found over 100 security bugs in different Oracle products. Publications and further information can be found at: http://www.red-database-security.com…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Joseph Klein: The Social Engineering Engagement Methodology - A Formal Testing process of the People and Process 40:54

19 years40:54

40:54

The security of an organization is composed of technology, people and processes. In the last few years, many organizations have done a good job addressing technology but have focused very little on the people and processes. This presentation reviews the formal methodology for performing Social Engineering Engagements. The method is divided into four sections including the Pre-Engagement, Pre-Assessment, Assessment and Post-Assessment. The Pre-Engagement, is the sales process for performing the assessment. In this section, we will review the business justification and headlines of current attacks. Pre-Assessment if focused on identifying the scope of the project, limitation, targets and attack vectors. Also included are examples of what information must be gathers for use in the assessment and post assessment phase. The most interesting and tedious part is the actual assessment. In this section, we will discuss how to engage the target, utilize company information, how to achieve the goal and what to do when you are caught. Included in this section is also how and what to document about every contact. Post assessment is the analysis and reporting phase. In it, we will review documenting findings, and mapping them to recommendations. Joe Klein, CISSP is Senior Security Consultant at Honeywell and a member of the IPv6 Business Council. He performs network, application, web-application, wireless, source-code, host security reviews and security architecture design services for clients in the commercial and government space Prior to joining Honeywell, Joe worked as a consultant performing attack and penetration assessments for many significant companies in the IT arena. While consulting, Joe also taught "Hacking and Incident Handling", "IDS/IPS management" and "Managing Network Security" at a local college in Jacksonville Florida. He regularly speaking at conferences including Defcon, InfoSecWorld, PhreakNic and regional meetings including Infragard, ASIS and ISSA.>…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Barnaby Jack: Remote Windows Kernel Exploitation - Step In To the Ring 0 36:08

19 years36:08

36:08

Almost every possible method and technique regarding Windows exploitation has been discussed in depth. Surprisingly, a topic that has rarely been touched on publicly is the remote exploitation of Win32 kernel vulnerabilities; a number of kernel vulnerabilities have been published, yet no exploit code has surfaced in the public arena. I predict we will see more kernel vulnerabilities in the future, as more core networking components are being implemented at the driver level. In this presentation I will walk through the remote exploitation of a kernel level vulnerability. A number of payloads will be discussed and demonstrated, and I will explain how to overcome the various obstacles that arise when attempting to exploit ring 0 vulnerabilities. As a final demonstration, we will say goodnight to the Windows OS entirely. Barnaby Jack is a Senior Research Engineer at eEye Digital Security. His role at eEye involves developing internal technologies, malicious code analysis, vulnerability research-and applying this research to the eEye product line. His main areas of interest include reverse engineering and operating system internals. He has been credited with the discovery of numerous security vulnerabilities, and has published multipl…

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

1
Ken Hines: Using Causal Analysis to Establish Meaningful Connections between Anomalous Behaviors in a Networking Environment 24:48

19 years24:48

24:48

Fueled by business needs such as supply chain integration and outsourcing, modern enterprises must open up portions of their networks to potentially untrusted outsiders. Combined with the troubling aspects of malicious insiders, ever more sophisticated attacks, increasing network complexity, and strong pressure from regulatory bodies to rapidly identify breaches and assess damages, there is a rapidly growing concern over internal network security. IT departments must work harder than ever to prevent insiders and outsiders from gaining unauthorized access to critical assets deep in the network, and if such access ever occurs, identify and report on, the impact of such a security breach. In order to gain real insight into the dynamic behavior of their networks, IT departments must monitor huge quantities of data, where individual elements of a sophisticated attack may be spread out over long periods of time, and vast numbers of logs. Many tools are available to identify individual phases of an attack, such as IDSs, network based anomaly detection tools, host based monitoring tools, and even firewalls. However, this data is presented to the security analyst as a series of unrelated suspicious events. Because of the complexity of modern networks there are always isolated and seemingly suspicious things occurring on the network. To find a sophisticated breach the individual pieces of an attack need to be tied together for successful analysis. One approach to determining relationships between events is by defining rules, such as: if some set of events happens around the same time, they are probably related, and should be presented as a correlated event. Unfortunately this places the burden on the security analyst of predefining attack scenarios for their particular network. Unlike virus detection which can leverage the entire anti-virus community to identify and write appropriate signature files, internal network security has no such analogy. Every enterprise network has unique characteristics requiring company specific rules. While rules are good for identifying problems with well defined signatures, they aren't capable of relating attack elements separated by large time intervals, and obscured by benign activity on the surrounding hosts. The missing piece is causal analysis, which can automatically link together suspicious events independent of the normal network activity that occurs between the various phases of a security breach. The benefit of the causal analysis approach is that chains of related and suspicious activity provide a strategic overview of network behavior allowing a security analyst to focus their efforts on attacks in progress. When they have a readable chain of anomalous behavior, the security team can trace the attack vector back to the entry point, and find the so-called "patient zero." This presentation demonstrates the value of causal analysis using a simple example that involves social networks rather than computer networks, how this example is really a metaphor for a very common form of computer network attack, and how causal analysis is equally appropriate in finding this sort of attack in enterprise networks. It then presents some of the factors that compound the difficulty of this analysis in real networks, and describes approaches that simplify this complexity. Using the techniques described, two real "stepping stone" attacks are outlined and diagrammed to illustrate the power of causal analysis. Finally, it demonstrates how this analysis can be combined with other forms of security analytic and mitigation techniques to provide a formidable barrier against network attacks. Ken Hines earned his Ph.D. in computer science at the University of Washington in 2000, by successfully defending his dissertation, which applied causal analysis to debugging heterogeneous distributed embedded systems. Since then, he has founded two venture funded companies, and actively developed commercial products that apply causal analysis to solving complex problems related to distributed embedded systems, network processor based network infrastructure, and finally networks as a whole. While a graduate student, Ken was one of the primary researchers on the Chinook Hardware/Software Co-synthesis project, and published a number of papers on distributed debugging, distributed hardware/software co-simulation, and co-synthesis for heterogeneous distributed embedded systems.…

Üdvözlünk a Player FM-nél!

A Player FM lejátszó az internetet böngészi a kiváló minőségű podcastok után, hogy ön élvezhesse azokat. Ez a legjobb podcast-alkalmazás, Androidon, iPhone-on és a weben is működik. Jelentkezzen be az feliratkozások szinkronizálásához az eszközök között.

Hallgasson 500+ témát

Hasonló a(z) Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference sorozathoz

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

Bounty Quick Size Paper Towels, White, 8 Family Rolls = 20 Regular Rolls (Packaging May Vary)

Bounty Paper Towels Quick Size, White, 16 Family Rolls = 40 Regular Rolls (Packaging May Vary)

Podcastok, amelyeket érdemes meghallgatni

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

Podcastok, amelyeket érdemes meghallgatni

Üdvözlünk a Player FM-nél!

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

Ring Battery Doorbell, Head-to-Toe Video, Live View with Two-Way Talk, and Motion Detection & Alerts (2024 release), Venetian Bronze

Ailun 3 Pack Screen Protector for iPhone 16 Pro Max [6.9 inch] + 3 Pack Camera Lens Protector with Installation Frame,Sensor Protection,Dynamic Island Compatible,Case Friendly Tempered Glass Film

The Let Them Theory: A Life-Changing Tool That Millions of People Can't Stop Talking About

Hasonló a(z) Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference sorozathoz

Gyors referencia kézikönyv