![Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference. - Podcast](http://www.blackhat.com/podcast/blackhat-podcast-logo.png){kind=logo}
Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.
Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings USA 2007 was held August 1-3 in Las Vegas at Caesars Palace. Two days, sixteen tracks, over 95 presentations. Three keynote speakers: Richard Clarke, Tony Sager and Bruce Schneier. A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-07/bh-usa-07-index.html Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and global corporations with the underground's most respected hackers. These forums take place regularly in Las Vegas, Washington D.C., Amsterdam, and Tokyo Video, audio and supporting materials from past conferences will be posted here, starting with the newest and working our way back to the oldest with new content added as available! Past speeches and talks from Black Hat in an iPod friendly .mp4 h.264 192k video format. If you want to get a better idea of the presentation materials go to http://www.blackhat.com/html/bh-media-archives/bh-archives-2007.html and download them. Put up the pdfs in one window while watching the talks in the other. Almost as good as being there!
- Update frequency
- every day
- Average duration
- 56 minutes
- Episodes
- 89
- Years Active
- 2006 - 2007
Gadi Evron: Estonia: Information Warfare and Strategic Lessons
In this talk we will discuss what is now referred to as "The 'first' Internet War" where Estonia was under massive online attacks for a period of three weeks, following tensions with the local Russia…
01:13:39 |
Tue 11 Dec 2007
HD Moore & Valsmith: Tactical Exploitation-Part 2
Penetration testing often focuses on individual vulnerabilities and services. This talk introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using combination of new…
01:12:12 |
Tue 11 Dec 2007
Joel Eriksson & Panel: Kernel Wars
Kernel vulnerabilities are often deemed unexploitable or at least unlikely to be exploited reliably. Although it's true that kernel-mode exploitation often presents some new challenges for exploit de…
01:13:34 |
Mon 09 Jan 2006
Stephan Chenette & Moti Joseph: Defeating Web Browser Heap Spray Attacks
In 2007 black hat Europe a talk was given titled: "Heap Feng Shui in JavaScript"
That presentation introduced a new technique for precise manipulation of the browser heap layout using specific seq…
00:35:27 |
Mon 09 Jan 2006
David Coffey & John Viega: Building an Effective Application Security Practice on a Shoestring Budget
Software companies inevitably produce insecure code. In 2006 alone, CERT has recognized over 8,000 published vulnerabilities in applications. Attackers were previously occupied by the weaker operatin…
01:07:57 |
Mon 09 Jan 2006
Job De Haas: Side Channel Attacks (DPA) and Countermeasures for Embedded Systems
For 10 years Side Channel Analysis and its related attacks have been the primary focus in the field of smart cards. These cryptographic devices are built with the primary objective to resist tamperin…
01:19:23 |
Mon 09 Jan 2006
Justin N. Ferguson: Understanding the Heap by Breaking It: A Case Study of the Heap as a Persistent Data Structure Through Non-traditional Exploitation Techniques
Traditional exploitation techniques of overwriting heap metadata has been discussed ad-nauseum, however due to this common perspective the flexibility in abuse of the heap is commonly overlooked. Thi…
00:47:13 |
Mon 09 Jan 2006
Nick Harbour: Stealth Secrets of the Malware Ninjas
It is important for the security professional to understand the techniques used by those they hope to defend against. This presentation focuses on the anti-forensic techniques which malware authors i…
00:53:15 |
Mon 09 Jan 2006
Jim Hoagland: Vista Network Attack Surface Analysis and Teredo Security Implications
This talk will present the results of a broad analysis performed on the network-facing components of the release (RTM) version of Microsoft Windows Vista, as well as the results of study of the secur…
00:54:59 |
Mon 09 Jan 2006
Krishna Kurapati: Vulnerabilities in Wi-Fi/Dual-Mode VoIP Phones
Dual-mode phones are used to automatically switch between WiFi and cellular networks thus providing lower costs, improved connectivity and a rich set of converged services utilizing protocols like SI…
01:10:32 |
Mon 09 Jan 2006
Dan Kaminsky: Black Ops 2007: Design Reviewing The Web
Design bugs are really difficult to fix -- nobody ever takes a dependency on a buffer overflow, after all. Few things have had their design stretched as far as the web; as such, I've been starting to…
00:55:14 |
Mon 09 Jan 2006
Dr. Neal Krawetz: A Picture's Worth...
Digital cameras and video software have made it easier than ever to create high quality pictures and movies. Services such as MySpace, Google Video, and Flickr make it trivial to distribute pictures,…
00:48:37 |
Mon 09 Jan 2006
Adam Laurie: RFIDIOts!!!- Practical RFID Hacking (Without Soldering Irons or Patent Attorneys)
RFID is being embedded in everything...From Passports to Pants. Door Keys to Credit Cards. Mobile Phones to Trash Cans. Pets to People even! For some reason these devices have become the solution to …
01:13:07 |
Mon 09 Jan 2006
Luis Miras: Other Wireless: New ways of being Pwned
There are many other wireless devices besides Wifi and Bluetooth. This talk examines the security of some of these devices, including wireless keyboards, mice, and presenters. Many of these devices a…
01:02:59 |
Mon 09 Jan 2006
Cody Pierce: PyEmu: A multi-purpose scriptable x86 emulator
Processor emulation has been around for as long as the processor it emulates. However, emulators have been difficult to use and notoriously lacking in flexibility or extensibility. In this presentati…
01:01:25 |
Mon 09 Jan 2006
Len Sassaman: Anonymity and its Discontents
In recent years, an increasing amount of academic research has been focused on secure anonymous communication systems. In this talk, we briefly review the state of the art in theoretical anonymity sy…
01:17:12 |
Mon 09 Jan 2006
Bruce Schneier: KEYNOTE: The Psychology of Security
Security is both a feeling and a reality. You can feel secure without actually being secure, and you can be secure even though you don't feel secure. In the industry, we tend to discount the feeling …
00:49:21 |
Mon 09 Jan 2006
Window Snyder & Mike Shaver : Building and Breaking the Browser
Traditional software vendors have little interest in sharing the gory details of what is required to secure a large software project. Talking about security only draws a spotlight to what is generall…
00:58:28 |
Mon 09 Jan 2006
Stephan Patton: Social Network Site Data Mining
Social Network Sites contain a wealth of public information. This information is of great interest to researchers, investigators, and forensic experts. This presentation presents research regarding a…
00:23:15 |
Mon 09 Jan 2006
Pedram Amini & Aaron Portnoy: Fuzzing Sucks! (or Fuzz it Like you Mean it!)
Face it, fuzzing sucks. Even the most expensive commercial fuzzing suites leave much to be desired by way of automation. Perhaps the reason for this is that even the most rudimentary fuzzers are surp…
01:13:03 |
Mon 09 Jan 2006
Disclaimer: The podcast and artwork embedded on this page are the property of Black Hat/ CMP Media, Inc.. This content is not affiliated with or endorsed by eachpod.com.