Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Black Hat USA
August 1-6, 2020
Las Vegas, NV, USA
Black Hat Asia
September 29 - October 2, 2020
Singapore
Black Hat Europe
November 9-12, 2020
London UK
3/8/2019
11:00 AM
Black Hat Staff
Black Hat Staff
Event Updates
50%
50%

Sign Up Now for Practical, Hands-On Training at Black Hat Asia

These multi-day Trainings provide excellent hands-on technical skill-building opportunities, but you have to act fast -- many are almost sold out.

With just weeks to go until Black Hat Asia kicks off in Singapore, organizers want to quickly remind you that you can still sign up for two and four-day Training sessions -- but you have to hurry, because many are almost sold out.

Often designed exclusively for Black Hat, these multi-day Trainings provide hands-on technical skill-building opportunities, making them a great way to efficiently level up your skillset under the tutelage of top security experts.

Pentesting Industrial Control Systems”, for example, is a 2-day Training that will teach you everything you need to start pentesting industrial control networks. You’ll cover the basics to help you understand the most common ICS vulnerabilities, then spend some time learning and exploiting Windows & Active Directory weaknesses (as most ICS are controlled by Windows systems).

The Training will end with a challenging hands-on exercise: A capture-the-flag challenge in which you capture a real flag! Using your newly acquired skills, you will try to compromise a Windows Active Directory, then pivot to an ICS setup to take control of a model train and robotic arms.

Tactical OSINT For Pentesters” is another promising 2-Day Training that will help you become a better pentester by teaching you how to effectively reconnoiter a target using open-source intelligence (OSINT).

Covering critical topics like attack surface mapping, employee profiling, and identifying hidden injection points, this Training aims to help you effectively protect clients against the latest threats. You’ll be provided with a framework to manage and prioritize all the data collected during the course, as well as private lab access for one month so you can practice what you learned. Don’t miss it!

If you’re looking for something a bit more advanced, consider “Advanced Infrastructure Hacking - 2019 Edition”, a fast-paced 2-Day Training that covers a wide variety of neat, new and ridiculous techniques to compromise modern operating systems and networking devices.

This is a condensed and streamlined version of a 4-Day Training, and to fit the entire training material within 2 days, some of the exercises have been replaced by demos shown by the instructor. It offers a lot of practical, hands-on learning. Plus,  students will receive a free month of lab access to practice each exercise after the class.

While most of the 4-Day Trainings at Black Hat Asia are now sold out, there’s still a little room left to sign up for “Adversary Tactics- Red Team Ops,” an intense course that will walk you through how to perform Red Team operations and defend against modern threats.

You’ll be immersed in a simulated enterprise environment, with multiple domains, up-to-date and patched operating systems, modern defenses, and active network defenders responding to Red Team activities. You’ll also learn about all phases of a Red Team engagement in depth: advanced attack infrastructure setup and maintenance, user profiling and phishing, advanced Kerberos attacks, data mining, and exfiltration. Sign up quick -- only a few spaces remain!

Black Hat Asia returns to the Marina Bay Sands in Singapore March 26-29, 2019. For more information on what's happening at the event and how to register, check out the Black Hat website.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-8423
PUBLISHED: 2020-04-02
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.
CVE-2019-14868
PUBLISHED: 2020-04-02
In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those env...
CVE-2019-20635
PUBLISHED: 2020-04-02
codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields.
CVE-2020-11452
PUBLISHED: 2020-04-02
Microstrategy Web 10.4 includes functionality to allow users to import files or data from external resources such as URLs or databases. By providing an external URL under attacker control, it's possible to send requests to external resources (aka SSRF) or leak files from the local system using the f...
CVE-2020-11453
PUBLISHED: 2020-04-02
Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still possible to exploit it ...