The Black Hat Europe security conference is gearing up, and already there is buzz about some of the presentations that will be given. Organizers of the conference are saying that a presentation to be given on April 16 will present a security issue that affects anyone who uses the Internet. (No precise information is available yet.)
In addition to this presentation by Dan Kaminsky, Charlie Miller and Vincenzo Iozzo will be discussing Fun and Games with Mac OS X and iPhone Payloads:
Mac OS X continues to spread among users, and with this increased market share comes more scrutinization of the security of the operating system. The topics of vulnerability analysis and exploit techniques have been discussed at length. However, most of these ﬁndings stop once a shell has been achieved. This paper introduces advanced payloads which help to avoid detection, avoid forensics, and avoid countermeasures used by the operating system for both Mac OS X and iPhone. These payloads include Meterpreter and userland-exec for forensics evasion and two iPhone payloads which work against factory iPhones, despite the deviceʼs memory protections and code signing mechanisms.
Other presentations will focus on Windows, Unix and Linux issues, as well as vulnerabilities in specific software and network protocols.