Black Hat Briefings

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Michael Lynn presenting a briefing in 2005
The logo of Black Hat Briefings in 2011

Black Hat Briefings is a computer security conference that brings together a variety of people interested in information security. Representatives of government agencies and corporations attend, along with hackers. The Briefings take place regularly in Las Vegas, Barcelona, Amsterdam, Abu Dhabi and, occasionally, Tokyo.[1] An event dedicated to the US federal agencies is organized in Washington, D.C.[2]


Black Hat was founded in 1997 by Jeff Moss, who also founded DEF CON. Today, Moss is the Conference Chair of the Black Hat Review Board.[3] These are considered[by whom?] the premier information security conferences in the world. Black Hat started as a single annual conference in Las Vegas, Nevada and is now held in multiple locations around the world.[4]

The conference[edit]

The conference is composed of two major sections, the Black Hat Briefings, and Black Hat Trainings. Training is offered by various computer security vendors, in effort to keep the conference vendor-neutral. The conference has hosted the National Security Agency's information assurance manager course, and various courses by Cisco Systems, Offensive Security, and others.[5][6]

The Briefings are composed of tracks, covering various topics including reverse engineering, identity and privacy, and hacking. The briefings also contain keynote speeches from leading voices in the information security field, including Robert Lentz Chief Security Officer, United States Department of Defense; Michael Lynn; Amit Yoran, former Director of the National Cyber Security Division of the Department of Homeland Security;[2][7] and General Keith B. Alexander, former Director of the National Security Agency and former commander of the United States Cyber Command.[8]

Conference's topics[edit]


July - August 2009 : MCS-ATL vulnerabilities // attack against MD2 - Breaking SSL ... validation certificate ...[9]

July - August 2010 : Cloudcracker ... such as ( service)[10]

July 27 - August 1, 2013 : Android hacking : application and root

New conference goals[edit]

There is now more focus on tools that can be used or protected, so a new type of conferences called Black Hat Arsenal Briefings has been added since 2011.[11] See here Blackhat Arsenal Archives since 2011 on ToolsWatch website.[12]

Antics and disclosures[edit]

Black Hat is known for the antics of its hacker contingent, and the disclosures brought in its talks. Conference attendees have been known to hijack wireless connections of the hotels, hack hotel TV billing systems, and even hack the automated teller machine in a hotel lobby. In 2009, web sites belonging to a handful of security researchers and groups were hacked and passwords, private e-mails, IM chats, and sensitive documents were exposed on the vandalized site of Dan Kaminsky, days before the conference. During Black Hat 2009, a USB thumb drive that was passed around among attendees was found to be infected with the Conficker virus, and in 2008, three men were expelled for packet sniffing the press room local area network.[13]

In the past, companies have attempted to ban researchers from disclosing vital information about their products. At Black Hat 2005, Cisco Systems tried to stop Michael Lynn from speaking about a vulnerability that he said could let hackers virtually shut down the Internet.[2] However, in recent years, researchers have worked with vendors to resolve issues, and some vendors have challenged hackers to attack their products.[14][15][16][17]

See also[edit]


  1. ^ "Black Hat". 
  2. ^ a b c "Computer Security Conferences Attract Both Hackers, Anti-Hackers". Fox News. 4 August 2006. 
  3. ^ "Black Hat". 
  4. ^ "Black Hat ® About Black Hat". 
  5. ^ "Black Hat ® DC 2009 Training Index". 
  6. ^ "Black Hat ® Europe 2009 Training Index". 
  7. ^
  8. ^ "Commander of U.S. Cyber Command and National Security Agency Director, General Keith Alexander, To Keynote Day One of Black Hat USA 2013" (Press release). WWBT-TV NBC 12, WorldNow (Gannaway). May 14, 2013. Retrieved June 13, 2013. 
  9. ^ "Black Hat USA 2009 Summary". blogs@Cisco - Cisco Blogs. 
  10. ^ "Black Hat USA 2010 Summary". blogs@Cisco - Cisco Blogs. 
  11. ^ "Black Hat ® Technical Security Conference: USA 2011 // Black Hat Arsenal: Call for Tools". 
  12. ^ " – The Hackers Arsenal Tools Portal » Arsenal". 
  13. ^ "Hanging with hackers can make you paranoid". CNN. 4 August 2009. Archived from the original on January 22, 2015. 
  14. ^ "Security Expert: PC Media Players Full of Holes". Fox News. 3 August 2007. 
  15. ^ "Microsoft Dares Security Experts to Find Holes in Windows Vista". Fox News. 4 August 2006. 
  16. ^ "Microsoft Challenges Hackers On Vista". CBS News. 3 August 2006. 
  17. ^ Associated Press (2 August 2009). "Hackers expose weakness in trusted sites - Technology & science - Security". NBC News. Retrieved 2014-10-09. 

External links[edit]