I have been enjoying myself at BlackHat Europe 2012, soaking up some of the leetness, absorbing some of the technologies I am less familiar with, meeting great people, and talking with them about things which really interest me - which is all good.
BlackHat EU 2012 - Day two
BlackHat EU 2012 - Day two
My Presentation seemed to go well, with several interested people coming up to ask various questions afterwards, maybe due to the fact that I described and showed around 10 exploits I recently discovered in common security products (all patched now BTW - but some very interesting, some creative, and several rather ironic - for example: "a spam the reconfigures the spam-filter", "a URL that owns the URL-filter").
My favourite presentation of Day two was "Data mining a mountain of Vulnerabilities" with Chris Wysopal.
This was quite a dry subject, but very well presented. Lots of data on vulnerabilities, with statistics on vulnerabilites sorted by application language, platform, horizontal and vertical markets, (among many other things)
Really interesting data, and something I feel that I might consult when doing application testing.
Chris had some really interesting graphs, the one above showing clearly that most web-apps contain at least one of the most serious flaws.
Day three
Some really interesting presentations today on mobile/smartphone security. It's hard to choose the best one really, as the following three were very good, and looked like the conclusions were based on very solid research (and many hours of work).
- "Secure Password Managers" and "Military-Grade Encryption" on Smartphones: Oh Really? by Andrey Belenko + Dmitry Sklyarov
- Hmm... so password managers on smartphones are not very well coded - not a surprise really but, a lot of work has been done by these guys to review some of the most popular ones and find some bugs
- Apple vs. Google Client Platforms by Felix 'FX' Lindner
- A great talk this, delivered in FX's highly amusing style
- The Mobile Exploit Intelligence Project by Dan Guido + Mike Arpaia
- Interesting perspective from acedemia on the stats behind mobile exploits, it seems that the hype might be just hype (at least on the iOS platform, more potential on Android though, but still, not a great deal of real platform-pwnage happening)
Anyway, I am in the airport on the way home, and it has been a very good week...
So much good Article you share with s, i so much appreciate that, i also want to tell you,,
ReplyDeleteThink local. There are lots of smaller, local organizations that are doing great work in your community. I like to look for charities that are founded by people from within the community by people who understand its needs best, and who are coming up with creative solutions.
Online Super Funds
تنظيف مساجد
ReplyDeleteفلل للبيع بالدمام حي الفرسان
نقل عفش بالرياض رخيص
دينا نقل عفش
شقق للايجار بحي السويدي بالرياض
أفضل شركات نقل الأثاث
ادوات نقل الاثاث
واجهات فلل سعودية بروفايل
زجاج الفلل
كيفية تنظيف الموكيت من البقع
QUALITY SSN DOB DL HIGH CREDIT SCORES Leads
ReplyDeleteCC with CVV Fullz (USA, UK, CANADA)
Tutorials & E-Books For Ethical Hacking
Tools For Everything You Need
I'm On Telegram = @killhacks & I C Q = 752822040
Stuff available for
(Spamming, Carding, Ethical Hacking, LINUX, Programming, Scripting, etc. )
Deals in all kind of Tools, Tutorials, E-books, Leads/Fullz/Pros
Availability 24/7
FASTEST DELIVERY
Build Your Own Business with proper guide & Legit Tools
Always glad to serve
GOOD LUCK
Here I'm:
I C Q = 752822040
Tele-gram = @killhacks
يقدم مصنع زجاجات عصير بلاستيك pet من شركة بلاستك هوم عبوات عصير بلاستيك عالية الجوده بافضل الاسعار حيث تصنع الزجاجات من البلاستيك المقاوم للضوء والحرارة مما يحافظ علي نكهة العصير وصلاحيته لفتره اطول.
ReplyDeleteاليونيفورمات التي ينتجها مصنع يونيفورم امن صناعى تلتزم بالمعايير الدولية وتخضع لاختبارات صارمة للتحقق من جودتها ومتانتها. يهدف المصنع إلى تقديم منتجات تلبي احتياجات العملاء وتضمن سلامتهم وحمايتهم أثناء أداء مهامهم في بيئات العمل الصناعية. ببساطة، مصنع اليونيفورم الأمن الصناعي يُمثل أهمية حماية حياة وصحة العاملين في هذه البيئات المعقدة والمتطورة.
ReplyDelete