There are nearly 100 workshops and sessions planned for the Black Hat security conference at Caesars Palace in Las Vegas this week, so it's understandable if you have a difficult time choosing which ones to attend. Whichever ones you do choose to attend, I think these six should be on your list.
The Rustock Botnet Takedown
The dismantling of the Rustock botnet by Microsoft and the U.S. Marshals Service was a watershed event and one from which spammers have yet to recover. In this session, Julia Wolf and Alex Lanstein of FireEye, which helped Microsoft with the operation, will not only discuss the specifics of dismantling Rustock but explain how the techniques used to do it can be generalized to crack down on any botnet.
(Aug. 3, Augustus Rooms III and IV, 13:45-15:00)
Pulp Google Hacking: The Next Generation Search Engine Hacking Arsenal
Fran Brown and Rob Ragan, of security consulting firm Stach & Liu, promise "to tear down the basic assumptions about what Google/Bing Hacking is and the extent to which it can be exploited to target organizations and even governments." Since last year's conference, the pair says that they've been working on an "arsenal" of new hacking tools, and they'll be giving them away free at this session. However, they offer this word of caution to anyone contemplating attending their workshop: "For safety, you should be in good health and free from high blood pressure, heart, back or neck problems, motion sickness or other conditions that could be aggravated by this adventure."
(Aug. 3, Augustus V and VI, 16:45-18:00)
Aerial Cyber Apocalypse: If we can do it... they can too
If Google hacking isn't your thing, then you might want to take in this session, which poses the question: "What could a low observable autonomous aircraft carrying 10 pounds of cyber-attack tools do to your organization's networks, your nation's critical infrastructure or worse, if it were carrying something unspeakable, what would that do to expectations of public safety?" Richard Perkins, a radio control enthusiast, and fiction writer Richard Thieme will offer some speculative answers to those questions, as they demonstrate their own Unmanned Aerial Weapon loaded with cyber weaponry under its wings.
(Aug. 3, Augustus Rooms III-IV, 16:45-18:00)
Hacking Androids for Profit
Known and unknown flaws in the Android operating system and Android Market will be discussed at this session, according to its creators Riley Hassell, who discovered the first critical remote vulnerabilities in Windows 2000 and Windows XP and the vulnerability that triggered the Code Red Internet worm, and his colleague at Privateer Labs, Shane Alexander Macaulay. In addition, the pair promises to reveal "previously undisclosed vulnerabilities in vendor apps installed on millions of US mobile phones and techniques to evade all available security solutions."
(Aug. 4, Milano Rooms I-IV, 10:00-11:00)
Corporate Espionage for Dummies: The Hidden Threat of Embedded Web Servers
How often have we heard the expression, "Computers are everywhere?" How often have we thought about what that means? Michael Sutton, head of Zscaler Labs, has, and his conclusions are a bit scary. "Today, everything from kitchen appliances to television sets come with an IP address," Sutton noted in a description of his session. While those devices with their embedded web servers are now as common as digital displays in hardware devices, sadly, security is not, he explained. His lab spent several months scanning a large portion of the Internet to assess the threat of those devices. Its findings will be presented at the conference, findings Sutton predicts "will make any business owner think twice before purchasing a 'WiFi enabled' device."
(Aug. 4, Augustus Rooms III-IV, 11:15-12:30)
Lives On The Line: Defending Crisis Maps in Libya, Sudan, and Pakistan
Crisis maps use a variety of open source intelligence--Twitter and Facebook feeds and YouTube news reports--to give first responders and humanitarian agencies the kind of geolocation information they need to save lives. "Unfortunately, they can also provide hostile national security services and other malicious groups with the information they need to target vulnerable populations, hunt down individuals, and manipulate response operations," observed the description of this session led by George Chamales, of Rogue Genius, who advises anyone attending this workshop to "Bring your laptop and toolsets because you will have the opportunity to play the bad actor (a technical member of the secret police or terrorist organization) as well as the defender (the response agency, citizen on the ground, and sysadmin trying to keep the server online)."
(Aug. 4, Augustus Rooms I and II, 16:45-18:00)