Tag Archive for: hat.

KSA Collabs With Black Hat Organizers To Launch @Hack Conference To Tackle International Cyber Risk


Happening on November 28-30, 2021, @Hack is bringing together the world’s most prominent hackers and trainers to explore breakthrough issues, trainings and trends within the information security community.





The event is organized by the Saudi Federation of Cybersecurity, Programming and Drones (SAFCSP), which is behind some of KSA’s prominent high-tech bootcamps and events, and in association with Informa Tech, the organizers of the renowned cybersecurity networking event series Black Hat. Bringing their global experience and industry know-how, @Hack is set to occur at the Riyadh Front Expo Centre, in a partnership with national telecoms operator STC.

The premier event is held in support of Saudi Arabia’s Vision 2030 and SAFCSP’s mission to make one in every 100 Saudi citizens a programmer to advance the Kingdom’s distinction in the tech industry.

The three-day conference will have in-depth, hands-on technical courses on topics ranging from offensive security, to the latest techniques in penetration testing, infrastructure hacking, mobile application security, analyzing automotive electrical systems, and more.


@Hack will feature 250 cutting-edge brands, including 40 promising startups, in its Innovation City exhibition hall. The event will feature an Executive Summit to bring together leading Chief Information Security Officers (CISOs) to look into the Middle East’s cybersecurity needs, including security guru and cybersecurity author Bruce Schneier. More than 250 leading infosec experts and hackers will showcase advanced research, new vulnerabilities, open-source tools and more. It has an impressive list of speakers, including former US marine and ethical hacker Bryan Seely, known as the only person to wiretap the US Security Service and FBI; Hector Monsegur, controversial hacker and former head of the Anonymous hacking group; Chris Tarbell, former FBI special agent who caught Black Hat hacker Monsegur; Shira Rubinoff, cybersecurity and blockchain advisor, who serves as President of Prime Tech Partners and SecureMySocial; Jaya Baloo, CISO at Avast; and Olivera Zatezalo, CSO at Huawei Canada.

The event will put…

Source…

Troy Hunt at Black Hat Asia: ‘We’re making it very difficult for people to make good security decisions’


Have I Been Pwned founder’s keynote offered a sobering counterpoint to the well-meaning ‘World Password Day’


Imagine a parent’s terror when the geolocation of their child’s smart watch suddenly switches from tennis practice to the middle of the ocean.

This was precisely the scenario simulated by Ken Munro of UK infosec firm Pen Test Partners via exploitation of an insecure direct object reference (IDOR) vulnerability in an IoT device, and with help from Troy Hunt, creator of data breach record index Have I Been Pwned, and his daughter.

This was one of many eye-opening tales of shoddy security behind the “endless flow of data” into Have I Been Pwned recounted today (May 6) during Hunt’s keynote address at the all-virtual Black Hat Asia 2021.

Another API flaw in the TicTocTrack kids watch meant Munro’s colleague, Vangelis Stykas, successfully initiated a voice call through the device with zero interaction required from the wearer.

Logged into his own account, Munro also compromised other ‘family’ accounts by simply changing an identifier parameter. A subsequent security patch created an even more egregious regression bug.

Hunt also cited a purely physical intrusion that nevertheless “perfectly illustrates” his digital insecurity theme.

Having notified the vendor that he had dismantled their $47.99 biometric lock, a popular YouTube lock-picker was told the contraption was “invincible to people who do not have a screwdriver”.

Phishy email marketing

During his keynote, Hunt noted that even supposedly security-conscious organizations are “making it very difficult for people to make good security decisions”.

The infosec pro cited a ‘phishy’ email he received from Australia’s ANZ Bank featuring a suspicious HTTP URL that redirected to another suspicious URL: ‘c00.adobe.com’.

The email turned out to be a genuine ANZ communication.

“Over and over again”, lamented Hunt, we see “legitimate organizations sending legitimate communications that are indistinguishable from phishing attacks”.

Australian infosec pro Troy Hunt delivered the Black Hat Asia 2021 keynote

Publicly accessible databases

Founded in 2013, Have…

Source…

Convention lets kids learn about ‘white hat hacking’ | Lifestyles


BLOOMSBURG — Kids ages 7 to 17 are invited to learn about “white hat hacking” at a special conference hosted by the Bloomsburg Children’s Museum this Saturday.

The event will be held from 10 a.m. to 4 p.m. in the Arts & Crafts Building on the Bloomsburg Fairgrounds, and will feature guest speakers, workshops, and STEM work stations. Doors will open at 9 a.m.

Participants will learn from ethical hackers, information security professionals, and educators, and will have a chance to win prizes.

According to museum director Ginny Weibel, “Students will learn how to code, program, work with robotics, make electrical circuits, break codes and ciphers, engineer rockets, and learn about internet safety.

“We also take the term ‘hack’ loosely at our conference,” she added, “so kids will learn things like financial hacks and healthy eating hacks.”

Hak4Kidz began in 2017 and was created to complement BloomCON, Bloomsburg University’s annual digital forensics, cybersecurity, and hacking conference, which each year hosts a variety of speakers and features unique workshops and cybersecurity challenges. BloomCON will be held virtually this year. The BloomCON Hak4Kidz event was canceled last year due to COVID shutdowns.

Weibel said attendance at the conference grew from 40 people in 2017 to more than 400 in 2019.

The event is dubbed “Pennsylvania’s only kid-friendly hacking conference,” and Weibel said “you’d have to go to Washington D.C. or Chicago to get to a similar conference.”

The museum, along with BloomCON leader Dr. Phil Polstra, worked with Dave Schwartzberg, founder of Hak4Kidz in Chicago to bring the program to Bloomsburg.

“The need to get kids interested in STEM-type jobs is undeniable,” Weibel said. “The Pennsylvania Department of Education reports that there will be a 9 percent growth in STEM-related jobs in the state by 2026 – that’s over a half million jobs.” The department also reports, she said, that in 10 years, 71 percent of all new jobs in the state will require computer science skills.

“Having a conference of this type in our region adds so much…

Source…

Infosec community disagrees with changing ‘black hat’ term due to racial stereotyping – ZDNet
