![Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference. - Podcast](http://www.blackhat.com/podcast/blackhat-podcast-logo.png){kind=logo}
Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.
Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings USA 2007 was held August 1-3 in Las Vegas at Caesars Palace. Two days, sixteen tracks, over 95 presentations. Three keynote speakers: Richard Clarke, Tony Sager and Bruce Schneier. A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-07/bh-usa-07-index.html Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and global corporations with the underground's most respected hackers. These forums take place regularly in Las Vegas, Washington D.C., Amsterdam, and Tokyo Video, audio and supporting materials from past conferences will be posted here, starting with the newest and working our way back to the oldest with new content added as available! Past speeches and talks from Black Hat in an iPod friendly .mp4 h.264 192k video format. If you want to get a better idea of the presentation materials go to http://www.blackhat.com/html/bh-media-archives/bh-archives-2007.html and download them. Put up the pdfs in one window while watching the talks in the other. Almost as good as being there!
- Update frequency
- every day
- Average duration
- 56 minutes
- Episodes
- 89
- Years Active
- 2006 - 2007
Yoriy Bolygin: Remote and Local Exploitation of Network Drivers
During 2006 vulnerabilities in wireless LAN drivers gained an increasing attention in security community. One can explain this by the fact that any hacker can take control over every vulnerable lapto…
01:14:40 |
Mon 09 Jan 2006
David Byrne: Intranet Invasion With Anti-DNS Pinning
Cross Site Scripting has received much attention over the last several years, although some of its more ominous implications have not received much attention. Anti-DNS pinning is a relatively new thr…
00:53:54 |
Mon 09 Jan 2006
Jim Christy: Meet the Feds
Discussion of the power of Digital Forensics today and the real-world challenges. Also discuss the Defense Cyber Crime Center (DC3) and the triad of organizations that comprise DC3; The Defense Comp…
01:13:48 |
Mon 09 Jan 2006
Maria Cirino: Meet the VC's
2007 held numerous watershed events for the security industry. Innovation is needed and the money is there. Come to this session and meet the VCs actively investing in security, web, and mobile appli…
01:07:57 |
Mon 09 Jan 2006
Kevvie Fowler: SQL Server Database Forensics
Databases are the single most valuable asset a business owns. Databases store and process critical healthcare, financial and corporate data, yet businesses place very little focus on securing and log…
01:04:22 |
Mon 09 Jan 2006
Brad Hill: Attacking Web Service Securty: Message....
Web Services are becoming commonplace as the foundation of both internal Service Oriented Architectures and B2B connectivity, and XML is the world's most successful and widely deployed data format. T…
01:10:53 |
Mon 09 Jan 2006
Billy Hoffman & John Terrill: The little Hybrid web worm that could
The past year has seen several web worms attacks against various online applications. While these worms have gotten more sophisticated and made use of additional technologies like Flash and media for…
01:13:38 |
Mon 09 Jan 2006
Greg Hoglund: Active Reversing: The Next Generation of Reverse Engineering
Most people think of reverse engineering as a tedious process of reading disassembled CPU instructions and attempting to predict or deduce what the original 'c' code was supposed to look like. This p…
01:06:23 |
Mon 09 Jan 2006
Jonathan Lindsay: Attacking the Windows Kernel
Most modern processors provide a supervisor mode that is intended to run privileged operating system services that provide resource management transparently or otherwise to non-privileged code. Altho…
00:59:23 |
Mon 09 Jan 2006
David Litchfield: Database Forensics
Since the state of California passed the Database Security Breach Notification Act (SB 1386) in 2003 another 34 states have passed similar legislation with more set to follow.
In January 2007 TJX …
01:03:44 |
Mon 09 Jan 2006
Joanna Rutkowska & Alexander Tereshkin: IsGameOver(), anyone?
We will present new, practical methods for compromising Vista x64 kernel on the fly and discuss the irrelevance of TPM/Bitlocker technology in protecting against such non-persistent attacks. Then we …
01:15:41 |
Mon 09 Jan 2006
Alexander Sotirov: Heap Feng Shui in JavaScript
Heap exploitation is getting harder. The heap protection features in the latest versions of Windows have been effective at stopping the basic exploitation techniques. In most cases bypassing the prot…
01:14:55 |
Mon 09 Jan 2006
Ariel Waissbein: Timing attacks for recovering private entries from database engines
Dynamic content for Web applications is typically managed through database engines, including registration information, credit cards medical records and other private information. The web application…
01:01:54 |
Mon 09 Jan 2006
Phil Zimmermann: Z-Phone
Philip R. Zimmermann is the creator of Pretty Good Privacy. For that, he was the target of a three-year criminal investigation, because the government held that US export restrictions for cryptograph…
01:03:31 |
Mon 09 Jan 2006
David Leblanc: Practical Sandboxing: Techniques for Isolating Processes
The sandbox created for the Microsoft Office Isolated Converter Environment will be demonstrated in detail. The combination of restricted tokens, job objects, and desktop changes needed to seriously …
00:24:00 |
Mon 09 Jan 2006
Charlie Miller: Hacking Leopard: Tools and Techniques for Attacking the Newest Mac OS X
According to the Apple website, ?Mac OS X delivers the highest level of security through the adoption of industry standards, open software development and wise architectural decisions.? Of course, th…
00:25:13 |
Mon 09 Jan 2006
Jerry Schneider: Reflection DNS Poisoning
Targeting an enterprise attack at just a few employees seems to be yielding the best results, since it lowers the risk of discovering the exploit. Yet the typical DNS cache poisoning approach, aimed …
00:19:18 |
Mon 09 Jan 2006
Rohyt Belani & Keith Jones: Smoke 'em Out!
Tracing a malicious insider is hard; proving their guilt even harder. In this talk, we will discuss the challenges faced by digital investigators in solving electronic crime committed by knowledgeabl…
01:20:42 |
Mon 09 Jan 2006
Jared DeMott, Dr. Richard Enbody & Dr. Bill Punch: Revolutionizing the Field of Grey-box Attack Surface Testing with Evolutionary Fuzzing
Runtime code coverage analysis is feasible and useful when application source code is not available. An evolutionary test tool receiving such statistics can use that information as fitness for pools …
00:40:05 |
Mon 09 Jan 2006
Rohit Dhamankar & Rob King: PISA: Protocol Identification via Statistical Analysis
A growing number of proprietary protocols are using end-to-end encryption to avoid being detected via network-based systems performing Intrusion Detection/Prevention and Application Rate Shaping. Att…
00:39:52 |
Mon 09 Jan 2006
Disclaimer: The podcast and artwork embedded on this page are the property of Black Hat/ CMP Media, Inc.. This content is not affiliated with or endorsed by eachpod.com.