
by Ericka Chickowski

A vulnerability in the way browsers handle Extended Validation SSL render the costly certs pretty darned useless until browser developers fix it. Researchers will show off a tool that leverages low assurance certificates to spoof
Breaking the security myths of Extended Validation SSL CertificatesAlexander Sotirov, Mike Zusman

Smart Grid technology has the potential to help us greatly improve the efficiency of our power infrastructure—but with added connectivity comes added risks. Two different researchers will present exploits of Smart Grid te
Recoverable Advanced Metering InfrastructureMike DavisHacking the Smart GridTony Flick

Dan Kaminsky made waves last year with his highly publicized presentation on DNS cache poisoning. He’s scheduled to present a mystery topic this year—"Something about network security," say Black Hat organizers.
Something about Network SecurityDan Kaminsky

Did you know that it is possible for someone to attack the host on a virtualized server via a vulnerable guest machine? That’s why so many CIOs are so skittish about migrating to the cloud—their neighbors’ problems can easily
Cloudburst: Hacking 3D (and Breaking Out of VMware)Kostya KortchinskyClobbering the Cloud!Haroon Meer, Nick Arvanitis, Marco SlavieroCloud Computing Models and Vulnerabilities: Raining on the Trendy New ParadeAlex Stamos, Andrew Becherer, Nathan Wilcox

Metasploit creator Chris Gates will bring order to the world of Oracle exploits in his demonstration of a new framework for leveraging his pentest program to break Oracle in a very methodical way.
Relevant Session
Breaking the "Unbreakable" Oracle with MetasploitChris Gates

Social Security Numbers just got a whole lot less secure with the discovery of one enterprising researcher, who’s found an algorithmic method for guessing an individual’s SSN based on their place and date of birth.
I Just Found 10 Million SSN’sAlessandro Acquisti

Apple fanboys are pretty smug in their sense of security superiority, but it’s all unfounded. This year’s Black Hat lineup includes several presentations on how to exploit Mac vulnerabilities (yes, they’re there!)
Relevant
Advanced Mac OS X RootkitsDino Dai ZoviMacsploitation with MetasploitDino Dai Zovi

Going ‘off-the-grid’ on a private and anonymous darknet may become a whole lot easier with the unveiling of a new proof-of-concept, browser-based darknet technology developed by researchers with HP.
Relevant Session
Veiled: A Browser-based DarknetBilly Hoffman, Matt Wood