Web application security highlighted at Black Hat

LAS VEGAS -- The hacker community will dissect the security of Windows Vista, databases, Web applications and technologies like NAC (network admission journal_ttf_51749 error fixer control) and VoIP (voice over IP) at this year's Black Hat USA 2006 gathering, which starts Wednesday. Microsoft hopes to convince attendees that Windows Vista is the most secure operating system ever, with an entire ALT Key(s) And Control Key(s) Disabled, Recurring Problem On Windows XP track of presentations scheduled on the subject. Security researchers will also unveil 15 new exploits, including two targeting NAC and VoIP vulnerabilities in products from Cisco Systems Inc. and other vendors. Database security, particularly regarding Oracle Corp., will recuperare file cancellati da scheda sd also come under scrutiny.

Also at Black Hat, which will be held at Caesars Palace:

Jeremiah Grossman, founder and CTO of Santa Clara, Calif.-based WhiteHat Security Inc., will give a presentation demonstrating how invisible JavaScript exploit code can be used to spy on Web site visits, hijack cookies and record keyboard strokes.

Researchers from Atlanta, Ga.-based SPI Dynamics Inc. will offer presentations called "Zero Day Subscriptions: Using RSS and Atom Feeds as Attack Delivery Systems," and "AJAX (in)Security." AJAX, which stands for Asynchronous JavaScript and XML, has become a popular interactive Web design method.

Joanna Rutkowska, a security researcher for Singapore-based IT security firm COSEINC, will give a presentation on "Blue Pill," technology I cannot delete an entire portion of a given text after highlighting she said could be used to create "100% undetectable malware." Rutkowska has said that Blue Pill is important because it demonstrates how hardware virtualization technology could become a major security threat Free Windows 10 Fixer in the 6 Reasons to Consider a Career in Massage Therapy coming years, when more people will use processors with hardware virtualization support.

On the Oracle security front, Alexander Kornbrust, database security researcher and business director at German firm Red-Database-Security GmbH, will offer a presentation on dxskinsdxdlpainterd12_bpl_25519 error fixer Oracle rootkits. Plus Pete Finnigan, author of Oracle Security Step By Step and keeper of a popular blog on the subject of Oracle security, will speak on the security weaknesses of Can't Send An Email With More Than 5 Attachments! PL/SQL, the flagship language used inside the Oracle database. David Litchfield, managing director at UK-based Next Generation Security Software Ltd., has unveiled mountains of Oracle flaws at past Black Hat appearances. He will be presenting again this year, though details of this year's presentation were not immediately available.

This year's Black Hat is expected to have a different flavor from recent years for a few reasons. For starters, this will be Microsoft's first appearance at the hacker-oriented gathering. Microsoft security program manager Stephen Toulouse said recently recuperar memoria sd that the idea is to provide deeply technical presentations on Windows Vista security to the hacker community and demonstrate awesomcxrn_exe_10 error fixer how it's the most secure operating system Microsoft has ever developed.

John Lambert, group manager in Microsoft's Security Engineering and Communications Group, will also be on hand to discuss the security engineering process behind Vista. Specifically, he will show how Vista's engineering process differs from that of Windows XP, and he'll display new features designed rescue pro review to blunt memory-overwrite flaws.

Some attendees may be curious to learn whether the tone of the event will be different from hp_npc_prjgraphicsvideodisplay_pl_pl_h1s_44009 error fixer previous years, since the conference is now organized by CMP Media LLC. Black Hat Briefings Director and Founder Jeff Moss sold it to CMP last year.

In a statement, Moss also noted that this is the first year entire tracks will be focused on topics such as databases, VoIP, rootkits, Microsoft and forums.

Last year's confab was dominated Occasionally I Get A Windows Error Page Pop Up(Windows Can Not Display This Webpage) by the controversy caused by researcher Michael Lynn's Black Hat excel 2007 pivot table question demonstration of a Cisco router exploit. Lynn isn't scheduled When Windows 7 Updated The Internet Access Is Denied But The LAN Card Is Working Properly. Then The System Restore Is The Only Resort. as a presenter at this year's proceedings, which take place Aug. 2 and 3, but Cisco's products may be under the microscope again as researchers discuss the weaknesses in NAC and VoIP.

Black Hat and Cisco settled a lawsuit about the Lynn affair after conference organizers promised not to proliferate Lynn's findings. A Cisco lawsuit regarding any potential disclosures at this week's conference is considered unlikely because the NAC and VoIP exploits being featured hp_npc_prjgraphicsvideodisplay_ru_ru_h1s_44010 error fixer are said to be related to underlying technologies used in many products, not just those offered by Cisco.

This year's conference is expected to attract more than 3,000 technically advanced computer security experts, bringing together a unique mix of federal agents, corporate security professionals and the best underground hackers, CMP said in a press release.

"Highlights include new rootkit tools, new VoIP exploits, a dozen high-level feds, exciting zero-days, new contests, and some secret golden eggs," Moss said.

This article originally appeared on SearchSecurity.com.