BLACK HAT // LATEST INTEL ARCHIVE

Black Hat Europe 2012 Announces Arsenal Schedule, Tool Line-up

Spring is coming, and the air is filled with the clitter-clatter of keyboards honing code and prototyping exploits. With Black Hat Europe less than a month away, today we're unveiling the official Black Hat Arsenal schedule and topic lists. Arsenal, for those new to Black Hat security events, is a special tool/demo area that allows independent researchers and the open source community to demonstrate and showcase their work.

Black Hat Europe 2012's Arsenal will feature live demonstrations of nine new tools and resources, ranging from CAPTCHA crackers to PDF exploit analyzers. You can find the full schedule on the Black Hat Europe website, or read on for highlights from each of the presenters:

  • Gursev Singh Kalra will present TesserCap, a GUI-based, first-of-its-kind CAPTCHA analysis tool that busts through CAPTCHA checks with eight-stage image pre-processing and OCR.
  • Tom Forbes is bringing xcat, which exploits an xpath injection vulnerability in web application frameworks and supports advanced exploitation features. The tool supports both Xpath 1.0 and 2.0 and can extract entire XML databases.
  • Vulnerability researchers will dig Frank Breedijk's Seccubus, a tool which automates regular vulnerability scans. Unlike most such tools, Seccubus's reports focus on delta findings, which lend themselves to much more efficient result interpretation.
  • Didier Stevens will be demoing his suite of PDF tools, which are used by popular Linux distros and virus-scanning sites to detect malicious PPF files. He'll also be happy to talk about his many other projects.
  • Xavier Mertens will have pastemon on hand. pastemon monitors documents on the ubiquitous pastebin.org, and can generate events based on regular expressions -- sure beats refreshing all day.
  • Back on the PDF front, Jose Miguel Esparza will demo peepdf, an all-in-one security research tool for PDF files. peepdf sounds like the Swiss army knife of PDF security apps.
  • Andrey Labunets will show off Windbgshark, a network debugging tool that's tightly integrated with both Windbg debugger and Wireshark packet analyzer. It's also a framework for building custom fuzzers.
  • Serkan Özkan is the guy behind cvedetails.com, a security vulnerability database website. He'll show you some of its unique features, like links to human-readable OVAL definitions and customizable RSS feeds.
  • Last but not least, Mike Jordon and James Forshaw will demonstrate CANAPE, which can proxy and manipulate Citrix ICA traffic. CANAPE's networking, parsing and fuzzing infrastructure can significantly reduce development effort.

Black Hat Europe 2012's Arsenal will take place throughout the day on March 16. Check the official schedule to find out times for specific tool / software demos.

Also, hurry and register to take advantage of Black Hat's 20% off Regular Registration Discount. It ends 2/29.

You're Not Dreaming: Black Hat Europe 2012 Releases Event Schedule, Session Highlights

We were distressed to wake up this morning to the realization that Black Hat Europe is exactly one month away -- clearly, it's time to stop procrastinating and throw together an official-looking schedule! And here it is, the official Black Hat Europe 2012 Briefing Schedule

For those similarly groggy, Black Hat Europe 2012 will occur between March 14th - March 16th at the Grand Krasnapolsky Hotel in Amsterdam, the Netherlands. If you're interested in attending Black Hat Europe 2012, be sure to rouse yourself long enough to register by February 29th to enjoy a lower registration cost than will be offered to late and onsite registrations.

While you're up, here are a few choice picks from our dozens-strong schedule of briefings, trainings, and special events:

// David Litchfield, everyone's favorite Oracle hacker, will be returning to present An Assortment of Database Goodies at Black Hat Europe. It will no doubt shock you to learn that he's found a number of new exploits and security weaknesses in Oracle Database Server, and he'll be giving demonstrations on exploiting them to gain DBA privileges. Never change, David.

// Every day software developers churn out millions of lines of code -- some good, some buggier than a 10-Euro hostel. But which industries write the most secure code? And the least? Should you worry more about internally built apps, open source, commercial software, or outsourcers? To answer these questions, Chris Wysopal, of Veracode and L0pht infamy, used static binary analysis on thousands of apps of all stripes, creating an anonymized vulnerability data set. Attend his session, Data Mining a Mountain of Zero Day Vulnerabilities, to find out who sucks most.

// Apple and Google very famously have their differences, but they also both want your trust. And that doesn't come easily. Join FX for his Black Hat Europe session, Apple vs. Google Client Platforms, where he'll delve into the similarities and differences in the approaches Apple and Google take on their iPad and Chromebook client platforms, from security architecture to what powers they grant to attackers through fails in logic, binary, and HTML. It could get messy, so bring protective clothing.

// Threat modeling is typically a defensive, anticipatory action, but in Offensive Threat Modeling for Attackers - Turning Threat Modeling on its Head, Rafal Los and Shane MacDougall will show how offensive threat modeling can give attackers a powerful new weapon. Unorthodox tactics are the name of their game, with a focus on the key concepts of Posture, Position, and Predisposition. Social engineering, misdirection, employee home network attacks, reverse honeypots, psychological profiling... by the end of the session you will understand that you should never, ever mess with Rafal or Shane.

// HTML5 is on everyone's minds, and as Blueinfy founder Shreeraj Shah is keenly aware, that includes the minds of potential attackers. At Black Hat Europe Shreeraj will present his new talk and paper, HTML5: Top 10 Threats, Stealth Attacks, and Silent Exploits, in which he'll walk you through the new technology's architectures, attack surfaces, and possible threats. From clickjacking and phishing via mixed layers and iframes to abusing thick client features, Shreeraj'll show you how to plan your defense, as well as some new tricks for scanning for HTML5 vulnerabilities.

The sessions outlined above are just a fraction of the myriad and varied briefings, trainings, and special events planned for Black Hat Europe 2012. Check out the the official Black Hat Europe 2012 Briefing Schedule for a complete picture of what to expect from Black Hat Europe 2012.

Think Outside the Beige Box

Black Hat Europe 2012's organizers have revealed several new briefing sessions that delve into security issues that can arise in both embedded and machine-to-machine systems, beyond the more common security battleground of traditional computing devices.

//Jay Radcliffe, a senior threat intelligence analyst at a major computer security organization, will lead "Issues with Embedded Device Disclosures: Helping the Vendors and Recognizing the End-Users." He'll discuss the ethics and implications of disclosing security issues in embedded devices, with a focus on the different ways disclosure affects device vendors, end users, and the researchers themselves.

Typically security research focuses on exploits in traditional computing devices, but as witnessed with last year's explosion of scope, there is a need to expand our thinking about who is most at risk from vulnerabilities and how such vulnerabilities should be publicized.

//Utilisec Managing Partner Justin Searle will present "Dissecting Smart Meters", a look at the security costs incurred by the so-called "Smart Meters" increasingly deployed by utility companies.

Searle's presentation will explore Smart Meter architecture, protocols, their embedded components, and the functionality of their headend servers. He'll explain current penetration testing methodologies (complete with a live demo), list the common vulnerabilities, and discuss recommended solutions for Smart Meter vendors.

//Finally, iSEC Partners Security Consultant Don A. Bailey will consider the dangers faced by non-traditional devices connected to the telephone system in "War Texting: Weaponizing Machine to Machine Systems."

More and more, devices like 3G Security Cameras, Urban Traffic Control systems, Home Control and Automation systems, and even vehicles are telephony enabled, able to receive SMS or GPRS signals that trigger firmware updates, Are You There requests, and even data solicitations. Though increasingly capable of affecting the physical world, these systems lack the typical protections and safeguards enjoyed by IP-enabled systems. Bailey will help participants understand the new threat models and implement relevant security systems.

Secure Your Pocket: Black Hat Europe 2012 Delves into iOS and Android Exploits

The latest briefing sessions revealed by Black Hat Europe 2012's organizers present a heavy focus on mobile and next generation computing. Attendees will be briefed on an intelligence-driven approach to mobile defense and on a new tool that allows researchers to examine and interact with the attack surfaces of Android applications, among other topics.

These and the event's several dozen other briefings will take place between March 14th - March 16th at the Grand Krasnapolsky Hotel in Amsterdam, the Netherlands. If you're interested in attending Black Hat Europe 2012, be sure to register by February 29th to enjoy a lower registration cost than will be offered to late and onsite registrations.

//Recurity Labs GmbH Founder Felix 'FX' Lindner leads off with "Apple vs. Google Client Platforms," in which he'll compare the security approaches taken by Apple and Google in their iPad and Chromebook platforms. From security architecture to integrity protection details he'll provide the big picture with occasional close-up shots, and show what powers the vendors grant to attackers through fails in logic, binary, and HTML.

//Dan Guido, NYU:Poly's hacker in residence, will present "The Mobile Exploit Intelligence Project," which attempts to harness empirical information on mobile attack capabilities and methods to create an intelligence-driven approach to mobile defense.

Guido's analysis identifies the means by which exploits are developed and distributed, separates useful defenses from ineffective ones, and provides analytical tools to objectively evaluate the vulnerability of mobile operating systems. He'll wrap by using the empirical attack data to make projections on the near- and long-term directions of mobile malware.

//Last but not least, Tyrone Erasmus, an information security consultant at MWR InfoSecurity, will debut his new Android exploit-hunting tool, Mercury, in "The Heavy Metal That Poisoned the Droid."

The much-publicized Android Marketplace malwares rely on the fact that users seldom review app permissions, as well as an alarming number of info disclosure and privilege escalation vulnerabilities. Erasmus's full-featured Mercury tool will allow researchers to dynamically examine and exploit the attack surface of applications, to better understand how exploits occur. Mercury is under heavy development, and Erasmus hopes to have it ready to release by the time of this Black Hat Europe 2012 session.

The sessions outlined above are just a fraction of the myriad and varied briefings, trainings, and special events planned for Black Hat Europe 2012, and we're revealing more programming additions every week.

Black Hat 2011: Upcoming Events
Europe 2012 Event Page A DESIGNWEST Summit DC 2012 Event Page USA 2012 Event Page