Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Articles

5/7/2021
08:30 AM
Dark Reading Staff
Dark Reading Staff
Edge Articles
50%
50%

Black Hat Asia Speakers Share Secrets About Sandboxes, Smart Doors, and Security

Find video interviews with some of the coolest Black Hat Asia experts right here, as part of the Dark Reading News Desk this week.

'Enter Sandbox': Automating Linux Seccomp for Better AppSec: Linux seccomp is a powerful way to build secure applications, but it’s a grueling manual process. At Black Hat Asia, security researchers (slash Metallica fans) show how they’ve now automated the process to expand its use. Claudio Canella, phD candidate at Graz University of Technology tells Dark Reading about the session "Enter Sandbox," co-presented by Graz University of Technology postdoctoral researcher Mario Werner and Hemoltz Center for Information Security faculty Michael Schwarz.   

 

How to Find Big Stacks of TCP/IP Stack Bugs: Forescout security researcher Daniel Dos Santos discusses the latest crop of TCP/IP bugs they’ve discovered, and what they've discovered about discovering bugs. At Black Hat Asia, Dos Santos and JSOF CEO Shlomi Oberman present "The Cost of Complexity: Different Vulnerabilities While Implementing the Same RFC." 

 

How I Can Unlock Your Smart Door: Security Flaws in IoT Access Control : Mainstream IoT vendors support the ability to delegate device access across clouds and users. Security researchers at Black Hat Asia who examined the security implications of this capability will demonstrate how authorization could easily go wrong. Luyi Xing, Assistant Professor of Computer Science at Indiana University Bloomington; Yan Jia, Research Associate at Nankai University, and Bin Yuan, Postdoc at Huazhong University of Science and Technology and Indiana University Bloomington, tell Dark Reading about their research.

 

Reverse Engineering Compliance for Better Security (and More Fun): Regulatory compliance could be a dry exercise in checking boxes and meeting irrelevant standards of security that have little to do with genuine risk. But it doesn’t have to be. Adam Shostack, president of Shostack and Associates presents a different way of breaking down the compliance challenge. 

 

Android Vuln Makes ‘Protected’ Broadcasts Unprotected: Ryan Johnson, VP of Research at Kryptowire describes how a firmware vulnerability in Android 9 and 10 would allow third-party applications to exercise privileges they were not meant to have. 

 

Tangling With Attackers on the Bitcoin Blockchain: Christian Doerr and Tsuyoshi Taniguchi discuss the cat-and-mouse game they played with attackers using the Bitcoin blockchain for command-and-control communication. 

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cartoon Caption Winner: In Tow
Flash Poll