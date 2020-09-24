SAN FRANCISCO, Sept. 24, 2020, the world's leading producer of information security events, today announces the release of its initial Briefings lineup for Black Hat Europe 2020, taking place virtually 7-10 of December. The virtual event will feature nearly 40 Briefings presented by top security professionals who will reveal new vulnerabilities and defenses spanning all levels of information security.



Black Hat Europe 2020 program highlights include:

Mobile vulnerabilities , including a talk that will show the first systematic security analysis on 11 popular commercial app-in-app ecosystems (https://www.blackhat.com/eu-20/briefings/schedule/index.htmlarquilian-galaxy-in-jeopardy-design-pitfalls-in-commercial-mini-programs-on-android-and-ios-21460?_mc=pr_bheu_x_bheu_evct_prs_x_x_x_x_Briefings_2020), revealing four new serious vulnerabilities that allow an attacker to access the camera, photo gallery, microphone, and more.





, revealing over a dozen new vulnerabilities deployed in everything from networking equipment and medical devices to industrial control systems. Researchers will discuss the nuances in their exploitability and potential impact, demonstrating a proof-of-concept against a yet to be disclosed high profile target. Vulnerabilities with Bluetooth's Host-Controller Interface (HCI) , where researchers will share more than a dozen IOBluetoothFamily HCI kernel zero-day vulnerabilities (https://www.blackhat.com/eu-20/briefings/schedule/please-make-a-dentist-appointment-asap-attacking-iobluetoothfamily-hci-and-vendor-specific-commands-21155?_mc=pr_bheu_x_bheu_evct_prs_x_x_x_x_Briefings_2020) that have been hidden in plain sight. They will also demonstrate how they can attack undocumented vendor commands.





, where researchers will share more than a dozen IOBluetoothFamily HCI kernel zero-day vulnerabilities (https://www.blackhat.com/eu-20/briefings/schedule/please-make-a-dentist-appointment-asap-attacking-iobluetoothfamily-hci-and-vendor-specific-commands-21155?_mc=pr_bheu_x_bheu_evct_prs_x_x_x_x_Briefings_2020) that have been hidden in plain sight. They will also demonstrate how they can attack undocumented vendor commands. An attack on PDF documents , including a demonstration on how to use a single link to compromise the contents of a PDF (https://www.blackhat.com/eu-20/briefings/schedule/portable-data-exfiltration-xss-for-pdfs-21229?_mc=pr_bheu_x_bheu_evct_prs_x_x_x_x_Briefings_2020) and exfiltrate it to a remote server, steal the contents of a PDF without user interaction, and much more.





, including a demonstration on how to use a single link to compromise the contents of a PDF (https://www.blackhat.com/eu-20/briefings/schedule/portable-data-exfiltration-xss-for-pdfs-21229?_mc=pr_bheu_x_bheu_evct_prs_x_x_x_x_Briefings_2020) and exfiltrate it to a remote server, steal the contents of a PDF without user interaction, and much more. An overview of fingerprint-jacking, where researchers will reveal five novel attacking techniques through fingerprint hijacking (https://www.blackhat.com/eu-20/briefings/schedule/fingerprint-jacking-practical-fingerprint-authorization-hijacking-in-android-apps-21364?_mc=pr_bheu_x_bheu_evct_prs_x_x_x_x_Briefings_2020) that can be launched from zero-permission malicious apps, allowing attackers to steal money via a popular payment app, gain access to the most widely used root manager app, and more.



To view the current 2020 program lineup and presentation abstracts, visit:https://www.blackhat.com/eu-20/briefings/schedule/index.html

Black Hat Europe 2020 Executive Summit

On Tuesday, December 8, Europe's notable security executives will attend the Executive Summit aimed towards security leaders and forward thinkers. Participants will hear from a variety of industry experts who are helping shape the next generation of information security strategy. To learn more, visit: https://www.blackhat.com/eu-20/executive-summit.html

Black Hat Trainings

Black Hat Europe will offer four days of deeply technical, hands-on Training courses led by some of the brightest minds in the industry. This year's trainings will span topics covering defense, pentesting, infrastructure hacking, and more. For information on the lineup, visit: https://www.blackhat.com/eu-20/training/schedule/index.html

Black Hat Arsenal

Black Hat Arsenal will return virtually for Black Hat Europe with its highly popular tool and demo area, showcasing the hottest developments from the open-source community. For more information on Arsenal and to see tools when they have been selected, visit: https://www.blackhat.com/eu-20/arsenal-overview.html

