Vulnerabilities we have in security," Kaminsky said in an interview. "We've been looking at how DNSSEC is going to address not only DNS vulnerabilities, but some of the core Researchers like Kaminsky say that widespread adoption of DNSSEC could curb a whole bunch of online attacks. DNSSEC isn't yet widely supported,īut ICANN hopes that by signing a root zone, it will spur others to support the protocol in their server and client software. But he's also been tapped to participate in a press conference where he and representatives from ICANN ( Internet Corporation For Assigned Names and Numbers)Īnd VeriSign will discuss Domain Name System Security Extensions (DNSSEC) - a new way of doing DNS that provides a level of confidence that computers connected to the Internet are what they actually claim to be.Ībout two weeks ago, ICANN presided over the first cryptographic signing of a root server with a DNSSEC key. This year, Kaminsky is speaking again at Black Hat - this time on Web security tools. Two years ago, Dan Kaminsky made headlines worldwide by uncovering a flaw in the DNS (Domain Name System) used to look up the addresses of computers on the Internet. "I've always liked the scene in 'Terminator 2' where John Connor walks up to an ATM, interfaces his Atari to the card reader and retrieves cash from the machine. He will also reveal what he calls a "multi-platform ATM rootkit," according to a description of his talk. Ways of attacking ATMs, including remote attacks. But now working for a new company, IOActive, Jack plans to show several new Juniper pulled it at the last minute ahead of last year's Black Hat conference, at the request of ATM makers. ![]() We don't yet know whose ATMs are vulnerable - or even if the manufacturers will be disclosed - but ATMs are a green field for vulnerability researchers.īlack Hat conference director Jeff Moss says the work on ATM bugs is reminiscent of the voting machine research that came out a few years ago - which showed serious security vulnerabilities in the systems and caused many governmentĪgencies to rethink the way they were rolling out e-voting. Jack has been toying around with ATMs (automated teller machines) for the past few years and is ready to talk about some of the bugs This year's most-anticipated talk comes from Barnaby Jack, formerly of Juniper Networks. But also look out for some interesting security stories on these topics: So expect some chaos this week in Las Vegas. This year's Black Hat conference is on Wednesday and Thursday. And even when you think you know what's going on, sometimes one of the shows steps forward to take center stage, as Defconĭid three years ago when Dateline NBC reporter Michelle Madigan was run out of the conference for trying to secretly film show attendees.īlack Hat, the more corporate event, and its unruly sister conference, Defcon, are held one after the other each year in Las Vegas. Usually the most interesting stories pop up at the very last minute - hackers tend to hold off onĭisclosing the really big talks because they don't want jittery lawyers to shut them down. Trying to predict the big news at this week's Black Hat and Defcon conferences is extremely tricky, if not impossible. Network World's Cisco Subnet-The Independent Voice of Cisco Customers.CIO-New IT Drilldowns on Virtualization, Mobile, SOA.Latest Security Stories From the IDG News Service.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |