))
Past speeches and talks from the Black Hat Briefings computer security conferences. The Black Hat Briefings in Japan 2006 was held October 5-6 in Tokyo at the Keio Plaza Hotel. Two days, four different tracks. Mitsugu Okatani, Joint Staff Office, J6, Japan Defense Agency was the keynote speaker. Some speeches are translated in English and Japanese. Unfortunately at this time speeches are not available in Both languages. A post convention wrap up can be found at http://www.blackhat.com/html/b ...
…
continue reading
1
Yuji Hoshizawa: Increasingly-sophisticated Online Swindler (English)
1:22:35
1:22:35
Play later
Play later
Lists
Like
Liked
1:22:35
"To know various fraud schemes is important when implementing counter measures against it. During this session, the presenter will show the latest online fraud schemes. Vulnerable Internet users could easily be captured in the traps of which set up by criminals who take increasingly sophisticated online fraud schemes such as Phising and One Click F…
…
continue reading
Jeff Moss Welcomes Attendess of the Black Hat Conference, October 5-6 in Tokyo at the Keio Plaza Hotel. Two days, four different tracks. Mitsugu Okatani, Joint Staff Office, J6, Japan Defense Agency was the keynote speaker.By feedback@blackhat.com (Black Hat RSS Feed)
…
continue reading
Jeff Moss Welcomes Attendess of the Black Hat Conference, October 5-6 in Tokyo at the Keio Plaza Hotel. Two days, four different tracks. Mitsugu Okatani, Joint Staff Office, J6, Japan Defense Agency was the keynote speaker.By feedback@blackhat.com (Black Hat RSS Feed)
…
continue reading
1
Thorsten Holz: Catching Malware to Detect, Track and Mitigate Botnets (Japanese)
1:29:27
1:29:27
Play later
Play later
Lists
Like
Liked
1:29:27
"Botnets pose a severe threat to the today?s Internet community. We show a solution to automatically, find, observeand shut down botnets with existing opensource tools, partially developed by us. We start with a discussion of a technique to automaticallycollect bots with the help of the tool nepenthes.We present the architecture and give technical …
…
continue reading
1
Takayuki Sugiura: Winny P2P Security (Japanese)
1:42:02
1:42:02
Play later
Play later
Lists
Like
Liked
1:42:02
"There have been a series of information leak incidents being happening in Japan regarding to the use of P2P file sharing softwares. But those incidents are just a tip of iceberg. There were expected to be tens of thousands of incidents that even not reported in the news. P2P file sharing softwares usually designed to enhance user anonymity therefo…
…
continue reading
1
Scott Stender: Attacking Internationalized Software (English)
1:32:53
1:32:53
Play later
Play later
Lists
Like
Liked
1:32:53
"Every application, from a small blog written in PHP to an enterprise-class database, receives raw bytes, interprets these bytes as data, and uses the information to drive the behavior of the system. Internationalization support, which stretches from character representation to units of measurement, affects the middle stage: interpretation.Some sof…
…
continue reading
1
Paul Bohm: Taming Bugs: The art and science of writing secure code (English)
1:14:14
1:14:14
Play later
Play later
Lists
Like
Liked
1:14:14
If you give a thousand programmers the same task and the same tools, chances are a lot of the resulting programs will break on the same input. Writing secure code isn't just about avoiding bugs. Programming is as much about People as it is about Code and Techniques. This talk will look deeper, beyond the common bug classes, and provide explanations…
…
continue reading
1
Mitsugu Okatani: Keynote: Change in the Meaning of Threat and Technology...What are the Current Trends in Japan? (Japanese)
1:04:21
1:04:21
Play later
Play later
Lists
Like
Liked
1:04:21
"As the Internet becomes a social framework, attacks and incidents with various intents have been actualized. As a result, previously unrelated organizations and groups have become actively engaged in discussions regarding threats and technology. In addition, they have begun to approach and actively engage in creating and implementing information s…
…
continue reading
1
Kenneth Geers & Alexander Eisen: IPv6 World Update:Strategy & Tactics (Japanese)
1:26:00
1:26:00
Play later
Play later
Lists
Like
Liked
1:26:00
"The U.S. Government has mandated that its organizations be IPv6-compliant by June 30, 2008. The Japanese government has already missed more than one IPv6 deadline. But while we can argue about specific dates for compliance and deployment, there is no question but that your organization must begin to prepare for the next generation Internet, and it…
…
continue reading
1
Joanna Rutkowska: Subverting Vista Kernel For Fun And Profit (English)
1:24:12
1:24:12
Play later
Play later
Lists
Like
Liked
1:24:12
"The presentation will first present how to generically (i.e. not relaying on any implementation bug) insert arbitrary code into the latest Vista Beta 2 kernel (x64 edition), thus effectively bypassing the (in)famous Vista policy for allowing only digitally singed code to be loaded into kernel. The presented attack does not requite system reboot.Ne…
…
continue reading
1
Jeremiah Grossman: Hacking Intranet websites from the outside: Malware just got a lot more dangerous (English)
1:24:26
1:24:26
Play later
Play later
Lists
Like
Liked
1:24:26
"Imagine you?re visiting a popular website and invisible JavaScript Malware steals your cookies, captures your keystrokes, and monitors every web page that you visit. Then, without your knowledge or consent, your web browser is silently hijacked to transfer out bank funds, hack other websites, or post derogatory comments in a public forum. No trace…
…
continue reading
1
Heikki Kortti: Input Attack Trees (Japanese)
1:21:52
1:21:52
Play later
Play later
Lists
Like
Liked
1:21:52
"By modeling all of the possible inputs of a protocol or file format as an input tree, the potential weak points of an implementation can beassessed easily and efficiently. Existing attacks can be reused for similar structures and datatypes, and any complex or susceptible areas can be focused on to improve the probability for success. This method i…
…
continue reading
1
Darren Bilby: Defeating Windows Forensic Analysis in the Kernel (Japanese)
55:26
55:26
Play later
Play later
Lists
Like
Liked
55:26
"It is 4pm on a Friday, beer o'clock. You're just eyeing up your first beer and thinking about where the fish will be biting tomorrow. The phone rings, something "funny" is happening on a client's web server. A lot of money passes through the server and it looks like it could be serious. IDS on the network picked up a crypted command shell heading …
…
continue reading
1
Dan Moniz: Six Degrees of XSSploitation (Japanese)
51:49
51:49
Play later
Play later
Lists
Like
Liked
51:49
Social networking sites such as MySpace have recently been the target of XSS attacks, most notably the "samy is my hero" incident in late 2005. XSS affects a wide variety of sites and back end web technologies, but there are perhaps no more interesting targets than massively popular sites with viral user acquisition growth curves, which allow for e…
…
continue reading
1
Alex Stamos & Zane Lackey: Breaking AJAX Web Applications: Vulns 2.0 in Web 2.0 (English)
1:32:36
1:32:36
Play later
Play later
Lists
Like
Liked
1:32:36
"The Internet industry is currently riding a new wave of investor and consumer excitement, much of which is built upon the promise of "Web 2.0" technologies giving us faster, more exciting, and more useful web applications. One of the fundamental "Web 2.0" is known as Asynchronous JavaScript and XML (AJAX), which is an amalgam of techniques develop…
…
continue reading
