Dark Reading Daily -- August 05, 2020

Follow Dark Reading:

August 05, 2020

LATEST SECURITY NEWS & COMMENTARY

Pen Testers Who Got Arrested Doing Their Jobs Tell All

Coalfire's Gary De Mercurio and Justin Wynn share the details of their physical penetration-testing engagement gone wrong, as well as recommendations for protecting all red teamers.

New Spin on a Longtime DNS Intel Tool

Domain Name Service database service Farsight Security, the brainchild of DNS expert Paul Vixie, celebrates 10 years with new modern features.

Dark Reading Video News Desk Returns to Black Hat

Coming to you prerecorded from in front of carefully arranged bookcases around the world ...!

Omdia Cybersecurity Accelerator Analysts to Take Part in Black Hat USA 2020

Analysts will participate in the Black Hat Briefings, taking place Aug. 4-6, discussing cybersecurity research, offering exclusive video presentations, and meeting with vendors and attendees.

11 Hot Startups to Watch at Black Hat USA

A sneak peek at the up-and-coming organizations to check out on the Black Hat USA virtual show floor.

11 Security Tools to Expect at the Black Hat USA 2020 Arsenal Virtual Event

More than 130 security researchers and developers are ready to showcase their work.

MORE NEWS & COMMENTARY


HOT TOPICS
BRIEFING HIGHLIGHTS All times are Pacific Time (GMT/UTC-7h) Hacking the Supply Chain – The Ripple20 Vulnerabilities Shlomi Oberman Wednesday, August 5 \| 10:00am-10:40am This is the story of how we found and exploited a series of critical vulnerabilities (later named Ripple20) affecting tens or hundreds of millions of IoT devices across all IoT sector conceivable - industrial controllers, power grids, medical, home, networking, transportation, enterprise, retail, defense, and a myriad of other types of IoT devices, manufactured and deployed by the largest American and international vendors in these fields. Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities Yonghwi Jin Thursday, August 6 \| 12:30pm-1:10pm In this talk, we will share our Safari exploit submitted to Pwn2Own 2020. Combining six different vulnerabilities, our exploit successfully compromises the macOS kernel starting from the Safari browser. It breaks every mitigation in macOS including ASLR, DEP, sandbox, and even System Integrity Protection (SIP). MORE

FEATURED ARSENAL SESSION

All times are Pacific Time (GMT/UTC -7h)

Where Threat Intelligence Meets DNS

Arsenal Track: Malware Defense

Wednesday, August 5 | 12:00pm-1:00pm Vadim Pavlov discusses RpiDNS, a new feature integrated into ioc2rpz.gui which includes an installation script and a web interface to monitor and manage local secure DNS services.

COMING ON THURSDAY

Mole: Out-of-Band Exploitation Framework

Zach Grace

Thursday, August 6 | 11:00am-12:00pm Mole is a new open source framework for identifying and exploiting out-of-band (OOB) application vulnerabilities in applications. Mole provides an all-in-one payload generation framework and callback/payload server that streamlines the OOB payload creation and exploitation processes.

Tech Resources

ACCESS TECH LIBRARY NOW

The Threat From the Internet - and What Your Organization Can Do About It
In this webinar, experts describe some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business.
The ROI Story: Identifying & Justifying Disruptive Technology
This webinar will assist anyone interested in how to use financial analysis as a framework to optimize strategic decision-making.

FEATURED REPORTS

CURRENT ISSUE

Special Report: Computing's New Normal, a Dark Reading Perspective
DOWNLOAD THIS ISSUE	SUBSCRIBE NOW
BACK ISSUES \| MUST READS \| TECH DIGEST

PRODUCTS & RELEASES

Exabeam Announces New Use Case Licensing and Content Library to Simplify SIEM Adoption, Enable Increased Visibility

Federal, State, Local, and Private-Sector Partners Conduct Nationwide Exercise to Test Election Day Plans

DHS Awards $1 Million Phase 2 Contract to Waverley Labs to Deploy the Dynamic AccessID (TM) Network

MORE PRODUCTS & RELEASES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107

To update your profile, change your e-mail address, or unsubscribe, click here.

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.