Black Hat

Displaying 1-17 of 17 results

  • White Papers // Jul 2009

    Null Prefix Attacks Against SSL/TLS Certificates

    The SSL and TLS protocols aim to provide secrecy, authenticity, and integrity safeguarding communication from both passive and active adversaries. SSL and TLS rely heavily on the x500 certificate structure in order to deliver authenticity, and both parties in an SSL/TLS connection have the opportunity to identify themselves with an...

    Provided By Black Hat

  • White Papers // Jul 2009

    Global Spying: Realistic Probabilities in Modern Signals Intelligence

    This paper present insight to the realistic possibilities of Internet mass surveillance. When talking about the threat of Internet surveillance, the common argument is that there is so much traffic that any one conversation or email won't be picked up unless there is reason to suspect those concerned; it is...

    Provided By Black Hat

  • White Papers // Jul 2009

    Advanced MAC OS X Rootkits

    The Mac OS X kernel (xnu) is a hybrid BSD and Mach kernel. While Unix-oriented rootkit techniques are pretty well known, Mach-based rootkit techniques have not been as thoroughly publicly explored. This paper covers a variety of rootkit techniques for both user-space and kernel-space rootkits using unique and poorly under-stood...

    Provided By Black Hat

  • White Papers // Jul 2009

    Your Mind: Legal Status, Rights and Securing Yourself

    One shed digital footprints every day. Using similar technologies to the ones that trackone, it is becoming easier to trace those footprints back tone. If one live in a city in which usage of video surveillance has become widespread, image and travel patterns are often recorded and stored. In London,...

    Provided By Black Hat

  • White Papers // Jul 2009

    Automated Malware Similarity Analysis

    Malware analysis has evolved in both the sophistication of the samples analyzed and the tools of the trade. Unfortunately human analysis of samples is still very expensive and time consuming. As teams of malware analysts have grown larger, the duplication of effort in analyzing similar pieces of code has also...

    Provided By Black Hat

  • White Papers // Jul 2009

    BitTorrent Protocol Abuses

    The BitTorrent protocol is now 7 years old. The protocol has become wildly successful in a very short period of time, but with this success comes growing pains. The protocol originally envisioned by Bram Cohen is fairly secure. Vulnerabilities have been introduced by people trying to do things with the...

    Provided By Black Hat

  • White Papers // Jul 2009

    Sub-Prime PKI: Attacking Extended Validation SSL

    One of the attributes that the paper discusses is the type of SSL certificate presented by a web server when negotiating a secure connection. Modern web browsers support both Domain Validated (DV) and Extended Validation (EV) SSL certificates. EV SSL certificates were created to combat phishing and other web based...

    Provided By Black Hat

  • White Papers // Jun 2009

    How Economics and Information Security Affects Cyber Crime and What It Means in the Context of a Global Recession

    It is widely accepted that malware and botnets are established predominately to conduct cyber crime. The purpose of this paper is to paint a broad overview of the link between information security and economics and to discuss some research on the link of the CAN-SPAM Act of2003 and the exponential...

    Provided By Black Hat

  • White Papers // Jun 2009

    Rapid Enterprise Triaging (RETRI): How to Run a Compromised Network and Keep Your Data Safe

    Routine log analysis uncovers suspicious activity dating back several months, and active beaconing reveals a backdoor channel in an exploited piece of production software on network. Anti-Virus did not catch it - updated IDS signatures reveal dozens of compromised machines, all buried beneath a hierarchy of domain controllers and NAT'ed...

    Provided By Black Hat

  • White Papers // Jun 2009

    Mobile Application Security on Android

    Android has a unique security model, which focuses on putting the user in control of the device. Android devices however, don't all come from one place, the open nature of the platform allows for proprietary extensions and changes. These extensions can help or could interfere with security, being able to...

    Provided By Black Hat

  • White Papers // Apr 2009

    Disclosing Private Information From Metadata, Hidden Info and Lost Data

    Documents contain metadata and hidden information that can be used to disclose private data and to fingerprint an organization and its network computers. This document shows what kinds of data can be found, how to extract them and proposes some solutions to the problem stated here. Any paper can have...

    Provided By Black Hat

  • White Papers // Apr 2009

    Taming the Beast : Assess Kerberos-Protected Networks

    Due to its universal support, to the fact that it is Microsoft's default and that it provides for a real SSO solution, Kerberos is a pervasive authentication protocol with a strong reputation of security. This talk will cover some of the issues involved with assessing a Kerberized network both under...

    Provided By Black Hat

  • White Papers // Mar 2009

    Shuntaint: Emulation-Based Security Testing for Formal Verification

    This paper describes an emulated approach to collect traces of program states, in order to verify formally that these traces belong to the algorithm accepted by the provided graph for the Finite State Machine (FSM) specification. Shuntaint can attack most types of erros which allow the execution of arbitrary code....

    Provided By Black Hat

  • White Papers // Mar 2009

    Yes It Is Too Wi-Fi, and No Its Not Inherently Secure

    The focus of this paper are those 802.11 wireless LAN's that utilize FHSS for the 2.4 GHz ISM band. The purpose of this paper is to familiarize the reader with the mechanics of these FHSS based networks; provide background as to historical and modern usage of these networks, provide some...

    Provided By Black Hat

  • White Papers // Mar 2009

    Fun and Games With Mac OS X and iPhone Payloads

    Mac OS X continues to spread among users, and with this increased market share comes more scrutinization of the security of the operating system. The topics of vulnerability analysis and exploit techniques have been discussed at length. However, most of these findings stop once a shell has been achieved. This...

    Provided By Black Hat

  • White Papers // Feb 2009

    Windows Vista Security Internals

    Windows Vista introduces some significant changes in its security architecture; there are also some major changes between Vista RTM (release-to-manufacturing; a Microsoft term for "Gold" code or SP0) and Vista SP1. This paper first provides a brief overview of some of those architectural changes, and will then focus on the...

    Provided By Black Hat

  • White Papers // Aug 2008

    When Lawyers Attack! - Dealing With the New Rules of Electronic Discovery

    The reasons for this ambiguity will become clear as it examine the nature of the common law system, as will the conclusion that these ambiguities have little chance of being cleared up any time soon. Progress, especially the technological kind, waits for no man and therefore anyone doing business in...

    Provided By Black Hat

  • White Papers // Jul 2009

    Sub-Prime PKI: Attacking Extended Validation SSL

    One of the attributes that the paper discusses is the type of SSL certificate presented by a web server when negotiating a secure connection. Modern web browsers support both Domain Validated (DV) and Extended Validation (EV) SSL certificates. EV SSL certificates were created to combat phishing and other web based...

    Provided By Black Hat

  • White Papers // Apr 2009

    Disclosing Private Information From Metadata, Hidden Info and Lost Data

    Documents contain metadata and hidden information that can be used to disclose private data and to fingerprint an organization and its network computers. This document shows what kinds of data can be found, how to extract them and proposes some solutions to the problem stated here. Any paper can have...

    Provided By Black Hat

  • White Papers // Jul 2009

    BitTorrent Protocol Abuses

    The BitTorrent protocol is now 7 years old. The protocol has become wildly successful in a very short period of time, but with this success comes growing pains. The protocol originally envisioned by Bram Cohen is fairly secure. Vulnerabilities have been introduced by people trying to do things with the...

    Provided By Black Hat

  • White Papers // Jun 2009

    How Economics and Information Security Affects Cyber Crime and What It Means in the Context of a Global Recession

    It is widely accepted that malware and botnets are established predominately to conduct cyber crime. The purpose of this paper is to paint a broad overview of the link between information security and economics and to discuss some research on the link of the CAN-SPAM Act of2003 and the exponential...

    Provided By Black Hat

  • White Papers // Jun 2009

    Rapid Enterprise Triaging (RETRI): How to Run a Compromised Network and Keep Your Data Safe

    Routine log analysis uncovers suspicious activity dating back several months, and active beaconing reveals a backdoor channel in an exploited piece of production software on network. Anti-Virus did not catch it - updated IDS signatures reveal dozens of compromised machines, all buried beneath a hierarchy of domain controllers and NAT'ed...

    Provided By Black Hat

  • White Papers // Jul 2009

    Null Prefix Attacks Against SSL/TLS Certificates

    The SSL and TLS protocols aim to provide secrecy, authenticity, and integrity safeguarding communication from both passive and active adversaries. SSL and TLS rely heavily on the x500 certificate structure in order to deliver authenticity, and both parties in an SSL/TLS connection have the opportunity to identify themselves with an...

    Provided By Black Hat

  • White Papers // Jul 2009

    Your Mind: Legal Status, Rights and Securing Yourself

    One shed digital footprints every day. Using similar technologies to the ones that trackone, it is becoming easier to trace those footprints back tone. If one live in a city in which usage of video surveillance has become widespread, image and travel patterns are often recorded and stored. In London,...

    Provided By Black Hat

  • White Papers // Jul 2009

    Automated Malware Similarity Analysis

    Malware analysis has evolved in both the sophistication of the samples analyzed and the tools of the trade. Unfortunately human analysis of samples is still very expensive and time consuming. As teams of malware analysts have grown larger, the duplication of effort in analyzing similar pieces of code has also...

    Provided By Black Hat

  • White Papers // Jul 2009

    Global Spying: Realistic Probabilities in Modern Signals Intelligence

    This paper present insight to the realistic possibilities of Internet mass surveillance. When talking about the threat of Internet surveillance, the common argument is that there is so much traffic that any one conversation or email won't be picked up unless there is reason to suspect those concerned; it is...

    Provided By Black Hat

  • White Papers // Feb 2009

    Windows Vista Security Internals

    Windows Vista introduces some significant changes in its security architecture; there are also some major changes between Vista RTM (release-to-manufacturing; a Microsoft term for "Gold" code or SP0) and Vista SP1. This paper first provides a brief overview of some of those architectural changes, and will then focus on the...

    Provided By Black Hat

  • White Papers // Apr 2009

    Taming the Beast : Assess Kerberos-Protected Networks

    Due to its universal support, to the fact that it is Microsoft's default and that it provides for a real SSO solution, Kerberos is a pervasive authentication protocol with a strong reputation of security. This talk will cover some of the issues involved with assessing a Kerberized network both under...

    Provided By Black Hat

  • White Papers // Mar 2009

    Shuntaint: Emulation-Based Security Testing for Formal Verification

    This paper describes an emulated approach to collect traces of program states, in order to verify formally that these traces belong to the algorithm accepted by the provided graph for the Finite State Machine (FSM) specification. Shuntaint can attack most types of erros which allow the execution of arbitrary code....

    Provided By Black Hat

  • White Papers // Aug 2008

    When Lawyers Attack! - Dealing With the New Rules of Electronic Discovery

    The reasons for this ambiguity will become clear as it examine the nature of the common law system, as will the conclusion that these ambiguities have little chance of being cleared up any time soon. Progress, especially the technological kind, waits for no man and therefore anyone doing business in...

    Provided By Black Hat

  • White Papers // Mar 2009

    Yes It Is Too Wi-Fi, and No Its Not Inherently Secure

    The focus of this paper are those 802.11 wireless LAN's that utilize FHSS for the 2.4 GHz ISM band. The purpose of this paper is to familiarize the reader with the mechanics of these FHSS based networks; provide background as to historical and modern usage of these networks, provide some...

    Provided By Black Hat

  • White Papers // Mar 2009

    Fun and Games With Mac OS X and iPhone Payloads

    Mac OS X continues to spread among users, and with this increased market share comes more scrutinization of the security of the operating system. The topics of vulnerability analysis and exploit techniques have been discussed at length. However, most of these findings stop once a shell has been achieved. This...

    Provided By Black Hat

  • White Papers // Jul 2009

    Advanced MAC OS X Rootkits

    The Mac OS X kernel (xnu) is a hybrid BSD and Mach kernel. While Unix-oriented rootkit techniques are pretty well known, Mach-based rootkit techniques have not been as thoroughly publicly explored. This paper covers a variety of rootkit techniques for both user-space and kernel-space rootkits using unique and poorly under-stood...

    Provided By Black Hat

  • White Papers // Jun 2009

    Mobile Application Security on Android

    Android has a unique security model, which focuses on putting the user in control of the device. Android devices however, don't all come from one place, the open nature of the platform allows for proprietary extensions and changes. These extensions can help or could interfere with security, being able to...

    Provided By Black Hat