Be sure to register and attend Black Hat 2014 USA, August 2 – 7, in Las Vegas, Nev. if you are concerned about the security of your embedded designs and the impact the increasing connecivity of devices and systems in the era of wireless sensors, M2M, IoT and mobile computing.
Now in its seventeenth year, the Black Hat security event https://www.blackhat.com/ will feature more than 100 ground breaking Briefings and workshops nearly 70 deeply technical Trainings, and a show floor with displays and booths of more than 150 security related companies. Among some of the key briefings you may want to intend are:
BadUSB – On Accessories that Turn Evil , in which Karsten Nohl and Jakob Lell provide the details on a new form of malware that operates from controller chips inside USB devices. USB sticks, as an example, can be reprogrammed to spoof various other device types in order to take control of a computer, exfiltrate data, or spy on the user.provide
USB has become so commonplace that we rarely worry about its security implications. USB sticks undergo the occasional virus scan, but we consider USB to be otherwise perfectly safe – until now. They will demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses and dive into the USB stack and assess where protection from USB malware can and should be anchored.
48 Dirty Little Secrets Cryptographers Don't Want You To Know , in which Thomas Ptacek & Alex Balducci who have collected crypto exploit code in dozens of different languages, ranging from X86 assembly to Haskell. They have built a “Rosetta Code” site with per-language implementations of each of the crypto attacks they have found. For some of the more interesting attacks, they will take attendees step-by-step through exploit code, in several languages simultaneously.
802.1x and Beyond! in which Brad Antoniewicz will dissect IEEE 802.1x, its surrounding protocols (RADIUS/EAP), provide testing tools, and detail a number of vulnerabilities identified in popular supporting systems. He will also demonstrate a vulnerability within a RADIUS server that allows for remote code execution over 802.11 wireless using WPA Enterprise before the user is authorized to join the network.
Breaking the Security of Physical Devices in which Silvio Cesare look at a number of household or common devices and things, including a popular model car and physical security measures such as home alarm systems and then proceed to break the security of those devices. he'll talk about ways of mitigating these attacks, and how to recognize and avoid the badly secured devices and buy the good.
Black Hat USA will take place at the Mandalay Bay Convention Center in Las Vegas, NV, August 2 – 7, 2014. The Trainings will run August 2 – 5 and the Briefings and Business Hall, Workshops and more will run August 6 – 7.