![Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference. - Podcast](http://www.blackhat.com/podcast/blackhat-podcast-logo.png){kind=logo}
Black Hat Briefings, USA 2007 [Audio] Presentations from the security conference.
Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings USA 2007 was held August 1-3 in Las Vegas at Caesars Palace. Two days, sixteen tracks, over 95 presentations. Three keynote speakers: Richard Clarke, Tony Sager and Bruce Schneier. A post convention wrap up can be found at http://www.blackhat.com/html/bh-usa-07/bh-usa-07-index.html Black Hat Briefings bring together a unique mix in security: the best minds from government agencies and global corporations with the underground's most respected hackers. These forums take place regularly in Las Vegas, Washington D.C., Amsterdam, and Tokyo Video, audio and supporting materials from past conferences will be posted here, starting with the newest and working our way back to the oldest with new content added as available! Past speeches and talks from Black Hat in an iPod friendly .mp4 h.264 192k video format. If you want to get a better idea of the presentation materials go to http://www.blackhat.com/html/bh-media-archives/bh-archives-2007.html and download them. Put up the pdfs in one window while watching the talks in the other. Almost as good as being there!
- Update frequency
- every day
- Average duration
- 56 minutes
- Episodes
- 89
- Years Active
- 2006 - 2007
Jamie Butler & Kris Kendall: Blackout: What Really Happened...
Malicious software authors use code injection techniques to avoid detection, bypass host-level security controls, thwart the efforts of human analysts, and make traditional memory forensics ineffecti…
01:10:25 |
Mon 09 Jan 2006
Jeremiah Grossman & Robert Hansen: Hacking Intranet Websites from the Outside (Take 2) - "Fun with and without JavaScript malware
Attacks always get better, never worse. The malicious capabilities of Cross-Site Scripting (XSS) and Cross-Site Request Forgeries (CSRF), coupled with JavaScript malware payloads, exploded in 2006. I…
00:54:40 |
Mon 09 Jan 2006
Ezequiel D. Gutesman & Ariel Waissbein: A dynamic technique for enhancing the security and privacy of web applications
Several protection techniques based on run-time taint analysis have been proposed within the last 3 years. Some of them provide full-automated protection for existing web applications, others require…
00:53:46 |
Mon 09 Jan 2006
Dr. Andrew Lindell: Anonymous Authentication-Preserving Your Privacy Online
Our right to privacy is under attack today. Actually, no one denies our right to privacy. However, in reality, this right is being eroded more and more as every minute passes. Some of this has to do …
01:02:26 |
Mon 09 Jan 2006
Haroon Meer & Marco Slaviero: It's all about the timing
It's all about the timing...
Timing attacks have been exploited in the wild for ages, with the famous TENEX memory paging timing attack dating back to January of 1972. In recent times timing attac…
01:13:22 |
Mon 09 Jan 2006
Eric Monti & Dan Moniz: Defeating Extrusion Detection
Todays headlines are rife with high profile information leakage cases affecting major corporations and government institutions. Most of the highest-profile leakage news has about been stolen laptops …
01:23:38 |
Mon 09 Jan 2006
HD Moore & Valsmith: Tactical Exploitation-Part 1
Penetration testing often focuses on individual vulnerabilities and services. This talk introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using combination of new…
00:58:12 |
Mon 09 Jan 2006
Mike Perry: Securing the tor network
Imagine your only connection to the Internet was through a potentially hostile environment such as the Defcon wireless network. Worse, imagine all someone had to do to own you was to inject some html…
01:07:32 |
Mon 09 Jan 2006
Dror-John Roecher: NACATTACK
The last two years have seen a big new marketing-buzz named "Admission Control" or "Endpoint Compliance Enforcement" and most major network and security players have developed a product-suite to secu…
01:10:08 |
Mon 09 Jan 2006
Bryan Sullivan: Premature Ajax-ulation
Interest in Ajax is sky-high and only continues to grow. Unfortunately, far too many people rush into Ajax development without giving proper consideration to security issues. These unfortunate indivi…
01:05:29 |
Mon 09 Jan 2006
Mark Ryan Del Moral Talabis: The Security Analytics Project: Alternatives in Analysis
With the advent of advanced data collection techniques in the form of honeypots, distribured honeynets, honey clients and malware collectors, data collected from these mechanisms becomes an abundant …
00:17:17 |
Mon 09 Jan 2006
Dave G & Jeremy Rauch: Hacking Capitalism
The financial industry isn't built on HTTP/HTTPS and web services like everything else. It has its own set of protocols, built off of some simple building blocks that it employs in order to make sure…
00:20:04 |
Mon 09 Jan 2006
Zane Lackey: Point, Click, RTPInject
The Realtime Transport Protocol (RTP) is a common media layer shared between H.323, SIP, and Skinny (SCCP) VoIP deployments. RTP is responsible for the actual voice/audio stream in VoIP networks; hen…
00:14:46 |
Mon 09 Jan 2006
Iain Mcdonald: Longhorn Server Foundation & Server Roles
Iain will discuss Server Foundation and Server Roles?how Longhorn Server applied the principles of attack surface minimization. This talk will detail the mechanics of LH Server componentization and t…
00:27:37 |
Mon 09 Jan 2006
Jonathan Afek: Dangling Pointer
A Dangling Pointer is a well known security flaw in many applications.
When a developer writes an application, he/she usually uses pointers to many data objects. In some scenarios, the developer m…
01:06:58 |
Mon 09 Jan 2006
Brian Chess, Jacob West, Sean Fay & Toshinari Kureha: Iron Chef Blackhat
Get ready for the code to fly as two masters compete to discover as many security vulnerabilities in a single application as possible. In the spirit of the Food Network?s cult favorite show, Iron Che…
00:57:41 |
Mon 09 Jan 2006
Richard A. Clarke: Keynote: A Story About Digital Security in 2017
To those who seek truth through science, even when the powerful try to suppress it.
Richard A. Clarke is a former U.S. government official who specialized in intelligence, cyber security and counter-…
00:44:50 |
Mon 09 Jan 2006
John Heasman: Hacking the extensible Firmware Interface
Macs use an ultra-modern industry standard technology called EFI to handle booting. Sadly, Windows XP, and even Vista, are stuck in the 1980s with old-fashioned BIOS. But with Boot Camp, the Mac can …
00:52:09 |
Mon 09 Jan 2006
David Maynor & Robert Graham: Simple Solutions to Complex Problems from the Lazy Hacker?s Handbook: What Your Security Vendor Doesn?t Want You to Know .
Security is very hard these days: lots of new attack vectors, lots of new acronyms, compliance issues, and the old problems aren?t fading away like predicted. What?s a security person to do? Take a l…
00:50:31 |
Mon 09 Jan 2006
Alfredo Ortega: OpenBSD Remote Exploit
OpenBSD is regarded as a very secure Operating System. This article details one of the few remote exploit against this system. A kernel shellcode is described, that disables the protections of the OS…
00:56:18 |
Mon 09 Jan 2006
Disclaimer: The podcast and artwork embedded on this page are the property of Black Hat/ CMP Media, Inc.. This content is not affiliated with or endorsed by eachpod.com.