- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
#BlackHat preview: Mobile threats take center stage
With everyone and their grandparents in possession of smartphones these days, mobile threats are of great interest to Black Hat USA attendees. Vincenzo Iozzo, director of vulnerability intelligence at Trail of Bits and a member of Black Hat's content review board, spoke with me this afternoon about what to expect in this year's mobile track.
One of the big points Iozzo hopes attendees get this year is that we can no longer consider mobile and desktop threats as two separate things. The talks will address, among other things, how attackers can use infected smartphones to penetrate company networks and how the task is being made easier because of the BYOD trend.
One of Iozzo's bigger concerns is what attackers can do via baseband attacks, which Ralf-Philipp Weinmann will cover in a talk called "Scaling Up Baseband Attacks."
Weinmann, a research associate at the University of Luxembourg, will demonstrate an attack vector that allows an attacker to remotely exploit bugs in a certain component of the baseband stack over an IP connection. Depending on the configuration of certain components in the carrier network, a large population of smartphones may be simultaneously attacked without even needing to set up your own base station, Weinmann says in the talk description on the Black Hat USA 2012 website.
Other talks Iozzo is excited about includes:
--"Advanced Arm Exploitation," in which presenters Stephen Ridley and Stephen Lawler demonstrate how to defeat XN, ASLR, stack cookies, etc. using nuances of the ARM architecture on Linux.
--"Don't Stand So Close To Me: An Analysis of the NFC Attack Surface," in which researcher Charlie Miller gives an overview of Near Field Communication (NFC) and possible ways to exploit it.
--"Probing Mobile Operator Networks," in which researcher Collin Mulliner demonstrates how to probe cellular networks from start to end and examines the resulting security risks.
The mobile track will run all day July 25.
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
- Mobility Outlook Report - Smart Mobility for Better Business
- Achieve Seamless Digital Experiences in a Multi-Channel World
- Mobile Application Management and Today's Enterprise
- eBook: Security for a faster world
- Top 8 Identity & Access Management Challenges with SaaS Apps
- The Importance of Managing Privileged Accounts