Researchers set to drop 32 zero-day vulnerabilities at Black Hat 2015

Source: The Register UK

By Aaron Hurd

Jul 27, 2015

Researchers are set to drop 32 zero-day vulnerabilities at the Black Hat hacking fest in Las Vegas in August. 

Although the vulnearbilities have not been disclosed, they will affect mobile devices and Supervisory Control and Data Acquisition (SCADA) systems among other platforms.

"We have 32 different zero-day vulnerabilities that will be disclosed at the event," Wylie said. "The zero-days come from a broad swath of topics, including mobile and SCADA [supervisory control and data acquisition] systems," Black Hat general manager Steve Wylie reportedly said.

Black Hat has previously offered a stage to zero-day vulnerability disclosures affecting the likes of Symantec's Endpoint Protection, Microsoft's Internet Explorer and SSL to name a few.

The enormous U.S. conference has been surveying the field prior to the event and polled some 460 respondents about whether they were seeing adequate results for the amount of money they had spent. Unsurprisingly, they found that results have been few and far between.

"It reveals a disturbing gap between the priorities and concerns of these security-savvy individuals and the actual expenditure of security resources in the average enterprise," the report said 

"In the study, the vast majority of security professionals – 57 per cent – cited sophisticated, targeted attacks as their greatest concern yet only 26 per cent of respondents indicated that targeted attacks were among the top three IT security spending priorities in their organisation, and only 20 per cent of respondents said that targeted attacks were among the top three tasks where they spend the most time."

On the upside, 94% say that they will be able to find another job in the event that their company burns to the ground.