canmove, Confirmed users
4,854
edits
Security/BlackHat 2012: Difference between revisions
→Black Hat sessions
| Line 13: | Line 13: | ||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Argyroudis Exploiting the jemalloc Memory Allocator: Owning Firefox's Heap] -''Who is attending, if anyone? Name here'' | * [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Argyroudis Exploiting the jemalloc Memory Allocator: Owning Firefox's Heap] -''Who is attending, if anyone? Name here'' | ||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Rohlf Google Native Client - Analysis Of A Secure Browser Plugin Sandbox] -''Who is attending, if anyone? Name here'' | * [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Rohlf Google Native Client - Analysis Of A Secure Browser Plugin Sandbox] -''Who is attending, if anyone? Name here'' | ||
For Gaia/WebAPI folks some attacks on Chrome extensions that may | For Gaia/WebAPI folks some attacks on Chrome extensions that may | ||
| Line 37: | Line 29: | ||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Serna "The Info Leak Era on Software Exploitation"] (an example of one he wrote up on Flash is http://seclists.org/bugtraq/2012/Apr/63 ) -''Who is attending, if anyone? Name here'' | * [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Serna "The Info Leak Era on Software Exploitation"] (an example of one he wrote up on Flash is http://seclists.org/bugtraq/2012/Apr/63 ) -''Who is attending, if anyone? Name here'' | ||
New defensive features of Win8 we should consider using. Some may be | New defensive features of Win8 we should consider using. Some may be | ||
| Line 57: | Line 45: | ||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Argyros "PRNG: Pwning Random Number Generators (in PHP applications)"] | * [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Argyros "PRNG: Pwning Random Number Generators (in PHP applications)"] | ||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Alonso Owning bad guys and mafia with javascript botnets] - who doesn't love a botnet that uses javascript? | * [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Alonso Owning bad guys and mafia with javascript botnets] - who doesn't love a botnet that uses javascript? | ||
''July 26'' | ''July 26'' | ||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Shekyan Hacking with WebSockets] -''Who is attending, if anyone? Name here'' | |||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Shah HTML5 Top 10 Threats – Stealth Attacks and Silent Exploits] -''Who is attending, if anyone? Name here'' | |||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Oh Recent Java Exploitation Trends and Malware] - Java malware, sandboxes, etc. | * [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Oh Recent Java Exploitation Trends and Malware] - Java malware, sandboxes, etc. | ||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Purviance "Blended Threats and JavaScript: A Plan for Permanent Network Compromise"] -''Who is attending, if anyone? Name here'' | |||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Sabanal "Digging Deep Into The Flash Sandboxes"] -''Who is attending, if anyone? Name here'' | |||
* [https://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#Philput Hacking the Corporate Mind: Using Social Engineering Tactics to Improve Organizational Security Acceptance] - Makes sense for security folks | |||
=== DEFCON Sessions === | === DEFCON Sessions === | ||