[ InsurrectoR @ 05.02.2003. 17:06 ] @
Black Hat would like to make three announcements that may be of interest
here.

- First I would like to make the final announcement for the Black Hat
Windows Security Briefings & Training 2003. Held in Microsoft's back yard,

the conference will be in Seattle, February 26-27th, with two days of
training available on the 24th & 25th. Highlights of the Briefings will
include the much anticipated release of the "Enforcer" tool by Tim Mullen,

Michael Howard & David LeBlanc's presentation on writing secure code, and

Saumil Shah's presentation on assessment techniques utilizing the Fire &

Water tool-kit.
http://www.blackhat.com/html/win-usa-03/win-usa-03-index.html

Greg Hoglund, founder of www.rootkit.com and Cenzic, has been added to the

training agenda, and is giving a two day class titled "Aspects of Offensive

Root-kit Technology". This is a first time offering of a class specifically

focusing on Root-kit technology and promises to be stellar.
http://www.blackhat.com/html/w...-03/train-bh-win-03-index.html

- Second, almost 75 new presentations have been added on-line! All the
video from Black Hat Windows Security 2002 AND Black Hat USA 2002 are now

on-line. Richard Clarke was the keynote speaker at the July show, and while

there were many excellent technical talks, Jeff Jonas' lunchtime talk on

NORA was not to be missed. We are encoding at a higher quality with a bit

higher resolution. Check out:
http://www.blackhat.com/html/b...i-media-archives.html#USA-2002

- Last I would like to remind everyone that Black Hat has opened the CFP

for our Europe conference which will be held in May in Amsterdam. In the

next few weeks the CFPs for the July, Federal, and Asia conferences will
be
put on-line. We look forward to your submissions.

Thank you, and I hope your mail client knows how to word wrap.

Jeff Moss
Black Hat

PS: If you want to see the talk David Litchfield gave at the July show in

which he reveals the MS SQL UDP problem that turned into the SQL
Hell/Slammer/Sapphire worm, fire up Real Player and check out the video:
rtsp://media-1.datamerica.com/blackhat/bh-usa-02/video/BH-USA-02-DAVID-LITCHFIELD.rm
[ InsurrectoR @ 22.02.2003. 12:34 ] @
Call For Papers Announcement: Black Hat Briefings Amsterdam

Whoop! Whoop!

http://www.blackhat.com/html/bh-cfp/bh-euro-03-cfp.html

Papers and presentations are now being accepted for The Black Hat Briefings

Amsterdam 2003 event in Amsterdam, The Netherlands, May 14th - 15th, 2003.

Papers and requests to speak will be received and reviewed until March 25th.

WHAT IS THE BLACK HAT BRIEFINGS?

The Black Hat Briefings was created to fill the need for computer security

professionals to better understand the security risks and potential threats

to their information infrastructures and computer systems. Black Hat
accomplishes this by assembling a group of vendor-neutral security
professionals and having them speak candidly about the problems businesses

face and their solutions to those problems. No gimmicks -- just straight

talk by people who make it their business to explore the ever-changing
security space.

HOTEL INFORMATION

The Black Hat Europe 2003 Briefings & Training Conference will take place

May 12-15, 2003 at the Grand Hotel Krasnapolsky, Amsterdam, the
Netherlands. Please see the Europe Briefings pages for more information on

hotel, venue, schedules, etc.

IMPORTANT DATES

March 25, 2003: Call for Papers closes for Black Hat Europe 2003
May 12-13, 2003 Black Hat Europe 2003 Training at the Grand Hotel
Krasnapolsky, Amsterdam, the Netherlands
May 14-15, 2003: Black Hat Europe 2003 Briefings at the Grand Hotel
Krasnapolsky, Amsterdam, the Netherlands

ATTENDANCE FEES and REGISTRATION

Training Costs vary per class, and Conference costs are $1,095 before April

25th, $1,295 after.

MORE CONVENTION INFORMATION

Please visit http://www.blackhat.com/ for previous conference archives,
information, and speeches. Updated announcements will be posted when available.


If you can not submit a CFP for the Amsterdam conference, please consider

the USA conference. The CFP and registration go
live next week.

I hope to see some of you in Seattle for the Windows show!

Jeff Moss
Organizer
[ InsurrectoR @ 20.07.2003. 19:19 ] @
Black Hat Briefings 2003 - Announcement

B.K. DeLong
press@blackhat.com

BLACK HAT BRIEFINGS 2003 SESSIONS HIGHLIGHT NEXT GENERATION SECURITY
TECHOLOGY, BEST PRACTICES & CORE POLICY

Top Academic Researchers & Industry Gurus will Focus on Key
Vulnerabilities
and Offer Comprehensive Strategies to Todays Security Problems; PGP
Creator
Phil Zimmermann to Keynote.

http://www.blackhat.com/ -- Black Hat Inc. announced today preliminary
speaker sessions for this summer's Black Hat Briefings and Training 2003,

the annual conference and workshop designed to help computer
professionals
better understand the security risks to their computer and information
infrastructures by potential threats. This year's show will focus on 10
tracks of hot topics including Incident Response & Computer Forensics,
Firewalls, Access Control, Routing & Infrastructure, Application
Security,
Intrusion Detection, Log Analysis, Privacy & Anonymity, and Law &
Society.
The Briefings event is being held 30 through 31 July 2003 at the Caesars

Palace Hotel and Casino in the heart of Las Vegas, with two days of
training preceding it.

Top-notch speakers will deliver to the conference's core audience of IT
&
network security experts, consultants and administrators the newest
developments on the vital security issues facing organizations using
large
networks with a mix of operating systems.

"Our goal is to present a vendor-neutral environment where conference
attendees can receive key intelligence in a face-to-face environment
with
the people developing the tools used by and against hackers," says Jeff
Moss, founder of Black Hat Inc. "Our speakers discuss the strategies
involved in correcting existing problems and inform attendees on
upcoming
issues, preparing them for the future."

Phil Zimmermann, cryptographic technologist, will be one of the keynotes

headlining the event. Zimmermann is the creator of Pretty Good Privacy
and
currently a special advisor and consultant for the PGP Corporation. He
is
best known for being the target of a three-year criminal investigation,
because the US Government held that export restrictions for
cryptographic
software were violated when PGP was spread around the world following
its
1991 publication as freeware. Zimmermann currently consults for a number
of
companies and industry organizations on matters cryptographic, and is
also
a Fellow at the Stanford Law School's Center for Internet and Society.
Before founding PGP Inc, Zimmermann was a software engineer with more
than
20 years of experience specializing in cryptography and data security,
data
communications, and real-time embedded systems.

The lineup of Black Hat Briefings presenters for 2003 include:

-- Thomas Akin, Founding Director, Southeast Cybercrime
Institute. Akin is
a Certified Information Systems Security Professional (CISSP) who has
worked in Information Security for almost a decade. He is the founding
director of the Southeast Cybercrime Institute a division or Continuing
Education at Kennesaw State University. He serves as chairman for the
Institute's Board of Advisors and is an active member of the Georgia
Cybercrime Task Force.

-- Jay Beale, Senior Research Scientist, George Washington
University
Cyber Security Policy and Research Institute. Beale is a security
specialist focused on host lockdown and security audits. He is the Lead
Developer of the Bastille project, which creates a hardening script for
Linux, HP-UX, and Mac OS X, a member of the Honeynet Project, and a core

participant in the Center for Internet Security.

-- Chris Conacher, Black Hat Consulting. Conacher has over 6
years
experience in formal Information Security roles. This time has been
spent
with the Fortune 500 companies BAE Systems (formerly British Aerospace
and
Marconi Space Systems), BAE Systems Airbus and Intel Corporation. He has

also worked for the Information Risk Management consultancy practice of
'Big 5' firm KPMG LLP where he specialized in 'High-Tech' companies.
Chris'
time in Information Security has seen him working in England, France,
Germany, Greece, Russia and the USA. His specialties include the
development, deployment and review of corporate information security
programs; the secure integration of Mergers & Acquisitions; data
protection
in disaster recovery planning; and information security business impact
analysis.

-- Roger Dingledine, Founder & Owner, Moria Research Labs.
Dingledine is a
security and privacy researcher. While at MIT under professor Ron Rivest,

he developed Free Haven, one of the early peer-to-peer systems that
emphasized resource management while retaining anonymity for its
users.Currently he consults for the US Navy to design and develop
systems
for anonymity and traffic analysis resistance. Recent work includes
anonymous publishing and communication systems, traffic analysis
resistance, censorship resistance, attack resistance for decentralized
networks, and reputation.

-- Himanshu Dwivedi, Managing Security Architect, @stake. At @stake,

Himanshu leads the Storage Center of Excellence (CoE), which focuses
research and training around storage technology, including Network
Attached
Storage (NAS) and Storage Area Networks (SAN). Himanshu's focus in
security
is networking technology and storage architecture, specifically Fibre
Channel Security.

-- Jennifer Granick, Litigation Director, Center for Internet
and Society,
Stanford Law School. Ms. Granick's work focuses on the interaction of
free
speech, privacy, computer security, law and technology. She is on the
Board
of Directors for the Honeynet Project and has spoken at the NSA, to law
enforcement and to computer security professionals from the public and
private sectors in the United States and abroad. Before coming to
Stanford
Law School, Ms. Granick practiced criminal defense of unauthorized
access
and email interception cases nationally. She has published articles on
wiretap laws, workplace
privacy and trademark law.

-- The Honeynet Project is a non-profit, all volunteer security
research
organization dedicated to researching the blackhat community, and
sharing
the lessons learned. Made up of thirty security professional, the
Project
deploys Honeynet around the world to capture and analzye blackhat
activity.
These lessons are then shared with the security community. The Honeynet
Project began in 1999 and continues to grow with the founding of the
Honeynet Research Alliance.

-- Larry Leibrock, Associate Dean and Technology Officer,
University of
Texas McCombs Business School. Leibrock has held or currently holds
clinical teaching and research appointments at McCombs Business School,
Institute for Advanced Technology, The University of Texas Law School,
Emory University, Helsinki School of Economics and Monterrey
Technologica
in Mexico City and Monterrey. He is a member of IEEE, ACM, Internet
Society, FIRST and USENIX/SAGE and is also a member of the Department of

Defense Software Engineering Institute and a participant in the Air
Force
Software Technology Conference.

-- Neel Mehta, Application Vulnerability Researcher, ISS X-Force.
Mehta
works as an application vulnerability researcher at ISS X-Force, and
like
many other security researchers comes from a reverse-engineering
background. His reverse engineering experience was cultivated through
extensive consulting work in the copy protection field, and has more
recently been focused on application security. Neel has done extensive
research into binary and source-code auditing, and has applied this
knowledge to find many vulnerabilities in critical and widely deployed
network applications.

-- Richard Salgado, Senior Counsel, Computer Crime and
Intellectual
Property Section of the United States Department of Justice. Salgado
specializes in investigating and prosecuting computer network cases,
such
as computer hacking, denial of service attacks, illegal sniffing, logic
bombs, viruses and other technology-driven privacy crimes. Often such
crimes cross international jurisdictions; Mr. Salgado helps coordinate
and
manage the investigation and prosecution of those cases and participates
in
policy development relating to emerging technologies such as the growth
of
wireless networks, voice-over Internet Protocol, surveillance tools and
forensic techniques.

Black Hat Inc. will also conduct computer security training for several
different topics several days prior to the briefings - 26 through 29
July.

Subjects include:

-- Infrastructure Attacktecs™ & Defentecs™: "Hacking Cisco
Networks"
-- Aspects of Offensive Root-kit Technology
-- Network Application Design & Secure Implementation
-- NSA InfoSec Assessment Methodology Course
-- OSSTMM Professional Security Analyst (OPSA)
-- Forensics Tools and Processes for Windows XP® Platforms
-- Discover the Hidden: Steganography Investigator Training
-- Enterprise Security From Day 1 to Completion: A Practical
Approach to
Developing an InfoSec Program
-- Microsoft Ninjitsu: Securely Deploying MS Technologies
-- Securing Solaris and Locking Down Linux
-- Ultimate Hacking: Expert Edition

The instructors for the training segment of this year's Black Hat are
some
of the top experts in their field and are fully-active in the computer
security community. You won't find most of these speakers anywhere else
and
these handpicked security gurus will train participants in understanding

the real threats to any network and how to keep them from being
exploited.

To register for BlackHat Briefings, visit the Web site at
http://www.blackhat.com. Direct any conference-related questions to
info@blackhat.com.

For press registration, contact B.K. DeLong via email at
press@blackhat.com.

About Black Hat Inc.

Black Hat Inc. was originally founded in 1997 by Jeff Moss to fill the
need
for computer security professionals to better understand the security
risks
and potential threats to their information infrastructures and computer
systems. Black Hat accomplishes this by assembling a group of
vendor-neutral security professionals and having them speak candidly
about
the problems businesses face and their solutions to those problems.
Black
Hat Inc. produces 5 briefing & training events a year on 3 different
continents. Speakers and attendees travel from all over the world to
meet
and share in the latest advances in computer security. In addition to
the
Briefings, Black Hat has grown to provide training and consulting
services.
For more information, visit their Web site at http://www.blackhat.com