Black Hat Europe 2012 is close to us! And for me, even closer: After two years in Barcelona, the well-known security conference will come back to Amsterdam! New location but also a new format: The organizers decided to switch from a 2×2 days event (two days of trainings and two days of briefings) to a three days format. The schedule is also spread across three talks in parallel. And what about the trainings? Only three are organized this year, one per day. My press pass was again approved (Big thanks to the organizers!) and I’ll be present and write wrap-ups like I did in the past: 2009, 2010 (day 1 / day 2), 2011 (day 1 / day 2).
I already took a quick look at the schedule and big names are announced: Felix ‘FX’ Lindner, David Litchfield, Rafal Los or Shreerag Shah. The following workshop looks interesting: “Understanding Botnets By Building One” by Ken Baylor. Did you ever dream to build and control your own Zeus botnet? A special mention for the “Malicious PDF Analysis” workshop proposed by my friend Didier Stevens.
Seeing the awesome list of briefings, three tracks in parallel will for sure cause agenda conflicts My current wish list of briefings to follow is:
- War Texting: Weaponizing Machine to Machine Systems
- SSL/TLS Interception Proxies and Transitive Trust
- FYI: You’ve Got LFI
- Beyond Scanning: Automating Web Application Security Tests
- Finding Needles in Haystacks (the Size of Countries)
- Issues with Embedded Device Disclosures: Helping the Vendors and Recognizing the End-Users
- All Your Calls Are Still Belong to Us: How We Compromised the Cisco VoIP Cyrpto Ecosystem
- They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces
- Cyber-Attacks & SAP Systems: Is Our Business-Critical Infrastructure Exposed?
- An Attacker’s Day into Virology: Human Vs Computer
- 36 Views of Cyberspace
- “Secure Password Managers” and “Military-Grade Encryption” on Smartphones: Oh Really?
- Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis
- The Pwnage Saga Continues
- Preventing “Oh Shit!” Moments for 20 Euros or Less
- Drop it Like it’s Hotspot: Hacking Mifi Routers for Nefarious Purposes
- IVR Security: Internal Network Attack via Phone Lines
An interesting new event is also announced: The “Black Hat Arsenal“. Security researchers, who submitted and were approved (the CFP closed a few days ago), will have a special area with facilities to demonstrate their work: live demos, Q&A and lot of fun. The list of tools to be presented is not yet online. I’ll for sure visit this area.
If you’d like to meet, let me know. See you in Amsterdam and don’t forget to follow the hashtag #blackhateu on Twitter!