9 Technologies Security Researchers Will Break At Black Hat, July 29, 2013 This week's Black Hat USA Conference in Las Vegas will showcase hacks, tools and ideas that will once again challenge the way we think about IT security. Here are nine technologies that will be on the firing line as security researchers discuss and demonstrate vulnerabilities and exploits.
Passwords and Credentials
Password and credential theft continues to be a huge issue for organizations of all sizes who have to think not only about individual users being phished but also hackers stealing passwords wholesale from repositories within company databases. Most businesses are notoriously behind in implementing the latest cryptographic hashing technology that protects passwords in the database. A number of experts are putting together a new Password Hashing Competition that they hope will spur researchers to develop a more elegant, yet secure, alternative to what exists today.
Meanwhile, researchers from Accuvant Labs will build on last year's release of the Pass The Hash tool, which automates the process of conducting an attack against Windows authentication methods and makes it possible to log in using an encrypted hash of a password rather than the password itself.. This year's talk will discuss some of the weaknesses of Microsoft's countermeasures to the attack, which were introduced on the heels of the tool's launch.