Black Hat Conference Spotlights Mobile Security, Critical Infrastructure

Black Hat USA, the annual convention for security researchers now in its 15th year, is now officially under way in Las Vegas.

The convention began in earnest with training sessions on July 21, and will continue until Thursday, July 26. This year’s conference is expected to draw some 6,500 attendees and feature 82 sessions across nine different tracks. All totaled, it will also include the release of 36 tools, 17 zero-day disclosures and 49 on-stage demonstrations.

Terry Ford, general manager of the conference, said it will be the largest ever.

“Black Hat, since inception, has moved the security conversation forward, bringing research and its far-reaching implications to light,” he said. “Part of this has had a direct impact on the vendor’s ‘age of innocence.’ Over the years, we have all seen the news where Black Hat researchers have had gag orders executed, cease-and-desist notifications served. Most vendors now understand that security must be addressed directly€”not buried by legal teams filing paperwork while marketers spin messaging.”

This year’s conference features a number of talks related to privacy, critical infrastructure and mobile security€“particularly Apple’s iOS mobile operating system, which the company itself will be on hand to discuss while numerous security researchers take a poke at it in their own presentations. Google Android devices will be in the spotlight as well, with researchers from Trustwave, for example, demonstrating how Google’s Bouncer security system can be bypassed to target Google’s app store.

On the critical infrastructure front, there will be a talk on July 25 about threats to air traffic control systems presented by security researcher Andrei Costin, as well as talks on smart meter security and threats to industrial systems. Meanwhile, Robert Clark, operational attorney for U.S. Cyber Command, will be on hand to discuss the legal aspects of cyber-space operations.

Other topics include HTML5, which Shreeraj Shah, founder of application security vendor Blueinfy Solutions, will discuss in a talk about the top

10 HTML5 security threats

, as well as the security of payment systems.

“We€™re really excited about our €œFuturist Panel.€ During this session, Black Hat will host a presentation €œSmashing the Future for Fun and Profit,€ welcoming back five of the original speakers from the earliest Black Hat events: Jeff Moss, Bruce Schneier, Marcus Ranum, Adam Shostack, and Jennifer Granick,” Ford said. “These experts will convene, not as a traditional panel, but to share their individual visions for what the next 15 years will bring the world of security.”

The

conference’s

general briefings will be held July 25 and July 26.