The five biggest stories at Black Hat

The annual Black Hat Briefings conference, held last week in Las Vegas, is the world’s biggest, and arguably the most important, gathering of security researchers; here are the five biggest stories to take away from last week’s Black Hat meeting in Las Vegas
The annual Black Hat Briefings conference, held last week in Las Vegas, is the world’s biggest, and arguably the most important, gathering of security researchers.
SearchSecurity.com’s Black Hat 2012 special coverage page covered the week’s discussions in depth. The editors also chose the five biggest stories from the event.

• Black Hat panelists: Humans, not code, are the targets: Despite new technologies and better software security, a panel including Bruce Schneier and Marcus Ranum say cybercriminals are instead focusing on targeted social engineering attacks.
• Indexing flaws change game for Oracle database security: Longtime Oracle thorn David Litchfield presented working exploits targeting Oracle database indexing vulnerabilities, calling the database giant’s reactive security strategy into question.
• Apple tech talk a missed opportunity, researchers say: Thursday’s Apple session marked the iPhone and iPad maker’s first public discussion about iOS security, but only covered what security researchers already knew, disappointing many in attendance.
• On-stage Near Field Communication hack shows NFC security issues: Using actual exploits, researcher Charlie Miller demonstrated how Near Field Communication security issues open a huge attack surface on smartphones.
• Limited release for tool allowing smart meter hacks: Don Weber of InGuardians did not demo how he is able to compromise virtually every smart meter on the market today, but is releasing his hacking tool to utilities, vendors and vendor-vetted researchers.

 http://www.homelandsecuritynewswire.com/