Bugtraq mailing list archives

Blackhat USA 2006 - Review, remarks and proposal agenda


From: "newslist () security-briefings com" <newslist () security-briefings com>
Date: Sat, 03 Jun 2006 12:03:02 +0200

The Blackhat agenda for the USA 2006 session has just been published: <http://www.blackhat.com/html/bh-usa-06/bh-usa-06-schedule.html>

The first remark is that this year, Blackhat USA will be an incredible briefing!

There will be several Zero day announcements. For example: Brendan O'Connor with his talk called "Vulnerabilities in Not-So Embedded Systems" will focus on vulnerabilities, exploitation, and defence of the new Xerox WorkCentre product line. Previously undisclosed vulnerabilities will be released, along with exploit code that turns a dumb printer, copier, or scanner into a network attack drone.

Some new trends or subjects will also be presented: for example, Doug Mohney will talk about Defending against Social Engineering with Voice Analytics and Jay Schulman will present a new way of Phishing with Asterisk PBX.

We also notice an interesting talk about "Bypassing Network Access Control (NAC) Systems".

As usual there are several promising "deep knowledge" sessions, such as Fuzzing Selected Win32 Interprocess Communication Mechanisms from Jesse Burns and Attacking Internationalized Software from Scott Stender, and other "deep knowledge" subjects that will become a prominent concern for security people: 2 talks are dedicated to SAN (in)security (I’m Going To Shoot The Next Person Who Says VLANs and Attacking Apple’s Xsan) and another, given by Jon Ellch and David Maynor, deals with Device Drivers.

ORACLE databases seem to be a good subject for speakers again this year, so we can think that Oracle is more and more Breakable :-)... Attendees will learn How to Unwrap Oracle PL/SQL with Pete Finnigan or how to implement the 2nd generation of Rootkits in ORACLE with Alexander Kornbrust.

We also notice some new ideas, like using hardware devices to improve crackers' efficiency. You will see that with David Hulton and Dan Moniz in their talk called Hardware Hacks and Cracks with FPGAs. Another new idea concerns rootkits: see the Hardware Virtualization-Based Rootkits from Dino Dai Zovi. We don't know exactly what Dan Kaminsky will say about SSL, but this amazing security speaker has always found things with great impact. And this year in "The Worldwide SSL Analysis", he will disclose a major flaw in the way many, many SSL devices operate. He will discuss how widespread this flaw is, as well as announce results from this worldwide SSL scan (that's carried us :-)


Of course Blackhat will come with the release of a lot of new tools. Some are already available in beta, like the web application scanner Oedipus (<http://oedipus.rubyforge.org/>). Other tools will support several sessions:
- MatriXay, which will be presented in the session "When Web App & Database Security Pen-Test/Audit Is a Joy" from Yuan Fan.
- Sensepost will, as usual, present other innovative proxy tools dedicated to pen testers in the session "A Tale of Two Proxies".
- An AJAX-based XSRF attack framework will be released in the Breaking AJAX Web Applications session given by Alex Stamos and Zane Lackey.
- LEVI, a new vulnerability auditing tool (Windows NT family) which addresses both of these issues by using a code integration-based technique to monitor both imported and inlined functions, will be presented in the session "Code Integration-Based Vulnerability Auditing" given by William B Kimball.
- PDB, The Protocol DeBugger from Jeremy Rauch (a tool chain geared around dissecting protocols like a code debugger slices through code; a protocol generation and manipulation framework with a clean, consistent interface, that's scripted instead of compiled; and a fuzzing framework to go along with it).
- To finish this long list of tools, take a look at Punk Ode, which will be presented in the "Hiding Shellcode in Plain Sight" session from Michael Sutton and Greg MacManus.



We would like to highlight that there are a lot of sessions given by Microsoft employees (see the VISTA track!). 7 sessions are concerned. We wonder if they can be neutral in their talks... But let's give them their chance to be honest security people :-)... And anyway, VISTA security will have so much impact on our security that we must learn about it as soon as possible. Please welcome Microsoft employees and we will see the result...

In conclusion, the Blackhat USA Briefing will be a MUST this year. If you have the opportunity to attend, don't hesitate! The Security-briefings team proposes the following agenda (for one person):

Day 1 :
10:00 - 11:00 -> Black Ops 2006 - Dan Kaminsky
11:15 - 12:30 -> How to Unwrap Oracle PL/SQL - Pete Finnigan
13:45 - 15:00 -> Sidewinder: An Evolutionary Guidance System for Malicious Input Crafting - Shawn Embleton, Sherri Sparks & Ryan Cunningham
15:15 - 16:30 -> PDB: The Protocol DeBugger - Jeremy Rauch
16:45 - 18:00 -> Punk Ode: Hiding Shellcode In Plain Sight - Michael Sutton & Greg McManus

Day 2 :
09:00 - 09:50 -> RFID Malware Demystified - Melanie Rieback
10:00 - 11:00 -> Hacking Intranet Websites from the Outside "JavaScript malware just got a lot more dangerous" - Jeremiah Grossman & TC Niedzialkowski
11:15 - 12:30 -> AJAX (in)security - Billy Hoffman
13:45 - 15:00 -> WiFi in Windows Vista: A Peek Inside the Kimono - Noel Anderson
15:15 - 16:30 -> Vulnerabilities in Not-So Embedded Systems - Brendan O'Connor
16:45 - 18:00 -> Faster Pwning Assured: Hardware Hacks and Cracks with FPGAs - David Hulton

It's just a proposal, and the main problem with these USA briefings is that if your company wants to get the maximum benefit from this conference, it will need to send 2 or 3 employees to follow all the interesting sessions... that's the only drawback of Blackhat: too many interesting subjects for one attendee :-)

Regards -
Comments are welcome at http://www.security-briefings.com

