Black Hat is synonymous with "the latest developments in computer security", and undoubtedly meets the expectations of the most demanding technicians and security experts. For the second consecutive year, the eleventh European edition of the congress took place in Spain from March 15 to 18, repeating Barcelona as the venue of the event.
The programming of the event has followed the scheme of the previous year: the first two days dedicated to the workshops and the last two to the presentations. The only difference is that in this edition, unlike last year, they have chosen to leave the keynote or presentation for the end of the first day. On this occasion, it has been in charge of the computer security guru Bruce Schneier, who solved the most relevant doubts about cyberwarfare.
Throughout the congress, the most cutting-edge topics in terms of computer security have been discussed and exposed. From the new techniques and threats to the most far-fetched tricks that only experts, who participate as speakers, are able to find. Below we summarize the news or the most representative of the talks attended by INTECO:
DAY OF MARCH 17
It was to be expected that mobile devices would be present in this addition and surely in the future. In the talk "Attacks against Apple's iOS", different types of techniques that take advantage of certain features to exploit some functionality such as the demo presented where you could make calls through Skype without the owner being aware. In this sense, Android is just as vulnerable since this type of vulnerability is based on URL schemes (URLSchema) that, in many cases, are not even documented.
On this day, a new type of attack called "HTTP Parameter Pollution" (HPP) has been announced, which consists of adding a duplicate parameter to the different web requests (GET, POS and cookies). In addition, a tool has been presented to scan websites and identify if it has the vulnerability and is also exploitable. Its name is PAPAS (PArameter Pollution Analisys System).
There has also been talk of web vulnerabilities and existing frameworks to exploit them such as w3af and the detection of rootkits through a new technique called "kernel code tunneling".
The day ended with the "particular" vision of the concept of cyberwarfare by security expert Bruce Schneier. In the exhibition appeared such particular things as that there is no clear concept in the term "war" over the Internet or cyberspace and others as obvious as that the enemy should not be cut off communications but control them.
DAY OF MARCH 18
In the first workshop we attended on this day they have exposed the possibility of modifying the operating systems (iOS) of Cisco routers through tools such as GDB and Ida Pro. To continue with Cisco, in the following talk we show you that although the devices may be modern, in many cases they are exposed to attacks that could be carried out on the predecessor devices.
WiFi networks have also been protagonists in this edition thanks to the release of the EAPEAK tool to perform intrusion tests on wireless networks.
The session dedicated to the implementation of a distributed GPU environment for the decryption of SHA1 and MD5 keys has been one of the busiest along with that of failures in virtualized systems. In the latter it has been shown that these types of systems are vulnerable to fairly old attacks such as XSS, CSRF, etc. Taking advantage of the features of VASTO (Virtualization ASsessment TOolkit) have been carried out to attacks on commercial applications.
Undoubtedly one of the characteristics that stands out in the Black Hat is the technical content of the talks that in this congress rises to the top. In fact, in many talks it is necessary to have a good basis on the subject at hand so as not to get lost among the technical details of the explanations.
In short, the Black Hat is the most technical forum in computer security at all levels and is one of the congresses, not to say "the congress", where the latest developments in security are revealed, both in software and hardware.
Source: INTECO-CERT
