By Robert Vamosi
Defense in Depth
June 26, 2008
Jeff Moss, founder and director of Black Hat, on Thursday moderated the
first-ever Black Hat Webinar, previewing five presentations to be given
at the security conference in Las Vegas in August.
Moss said he was pleased that more than 1,000 people attended and
admitted they were "expecting maybe a few hundred." Black Hat has
already implemented RSS feeds, Twitter, and even a LinkedIn group.
"The Webinars will be much more than that," Moss said. In the future, he
hinted, Black Hat will publish an editorial calendar, with a new Webinar
at least once a month. Moss said that if successful, future Webinars
might also include online training.
During the one-hour broadcast, speakers gave 10-minute previews of five
presentations expected during the Black Hat briefings in Las Vegas,
which will take place August 6-7.
Bruce Potter, founder of the Shmoo Group, talked about "malware
detection through network flow analysis." He said he will be releasing
some software at the conference. He argued that network administrators
can examine data flowing both ways on the network to help identify where
the attacker is coming from. Software expected in August includes an
updated version of Psyche that will have an Ajax-based interface.
Fyodor Vaskovich, founding member of the Honeynet project, talked about
"Nmap--Scanning the Internet." The author of Nmap recently scanned the
entire Internet--the WorldScan Project--and will present his results.
This allows him to verify and refute various assumptions about which
ports to use for scanning. Also, he said, it forces him to improve Nmap.
He gave a few examples of an Nmap scripting engine, fixed-rate packet
sending, enhanced version detection, and improvements to performance and
Shawn Moyer, CISO of Agura Digital Security, and Nathan Hamiel, senior
consultant for Idea Information Security and founder of the Hexagon
Security Group, previewed their talk "Satan is on My Friends List:
Attacking Social Networks." They said they're not just talking about
worm attacks such as Samy back in 2005. They're talking about
user-generated applications and content--are they creating new attack
surfaces? They will also have demonstrations and screen captures to
share in August.
Nathan McFeters and John Heasman talked about "Beyond document.cookie."
In August they'll be joined by Rob Carter in talking about Web 2.0
same-origin policy attacks and other Web 2.0 vulnerabilities.
Steve Reavey, Katie Moussouris, and Steve Adegbite, all of Microsoft,
talked about "Secure the Planet! New Strategic Initiatives from
Microsoft to Rock Your World" or the shorter title "Has Microsoft lost
its mind?" Among other things, they said they will talk about how
Microsoft approaches a security update within Office, from vulnerability
disclosure to patch. Microsoft will also be hosting a two-day "Defending
the Flag" training just prior to the public part of Black Hat on August
2 and 3, and again on August 4 and 5, to show administrators how to
attack Microsoft products to gain insight into how their networks are
After a short question-and-answer period, Moss said the next Webinar
will be held "in about a month" and offered an e-mail address
(subscribe-webcasts (at) blackhat.com) to subscribe for updates.