Black Hat has been a staple of the security community for decades, and even though this year’s conference will look different from how it’s looked in the past, we’re very excited to be back out there. We took a look at this year’s conference schedule, and compiled a list of what we think will be can’t-miss events. So whether you’re masking up and hopping on a plane or attending virtually next week, here’s a hacker’s perspective on what to keep an eye out for at Black Hat.
Over the Air Baseband Exploit: Gaining Remote Code Execution on 5G Smartphones
Thursday, August 5, 3:20pm-4:00pm (Virtual)
Marco Grassi (@marcograss) – Senior Security Researcher, Keen Lab of Tencent
Xingyu Chen – Security Researcher, Keen Lab of Tencent
We’ve heard a lot about 5G over the past couple of years and the number of devices now connected to 5G networks has exploded. Since wireless modems process untrusted data, they can make attractive targets for attackers. This talk will discuss how 5G’s security protocols differ from the previous generations of wireless connectivity and what improvements still need to be made. Spoiler alert: They brought POC.
Proactively Hunting Threat Actors with Automated Playbooks
Thursday, August 5, 2:20pm-1:00pm (Virtual)
Kyle Howson – Cyber Security Operations, Air Canada
Kumar Saurabh (@ksaurabh) – Founder/CEO, LogicHub
With a third of successful breaches now originating with unmanaged or unknown assets, understanding your attack surface and being able to prioritize new risks as they emerge has never been more essential. Leading organizations know they cannot solve this issue alone and are integrating the attacker’s perspective into their asset, vulnerability, and threat management workflows to quickly find, prioritize, and act upon previously unknown assets and risks before they’re exploited by malicious attackers. Listen to Air Canada’s Kyle Howson and the CEO of LogicHub explain how Air Canada was able to regain control of their attack surface with automated workflows.
Black Hat Keynote: Secretary Alejandro Mayorkas
Thursday, August 5, 4:20pm-5:00pm (Oceanside CD / Virtual)
Alejandro Mayorkas (@SecMayorkas) – Secretary, Department of Homeland Security
The content of this Keynote has not been broadly published yet. But given the state of security, the volume of high-level breaches and the ubiquity of ransomware attacks, you’re going to want to hear what the Secretary of the Department of Homeland Security has to say as he takes the stage to address the security community.
The Kitten that Charmed Me: The 9 Lives of a Nation State Attacker
Wednesday, August 4, 1:30pm-2:10pm (Virtual)
Allison Wikoff – Senior Strategic Cyber Threat Analyst, IBM X-Force
Richard Emerson – Senior Threat Hunt Analyst, IBM X-Force
This is a fascinating one. Analysts from IBM X-Force are going to break down how they reverse engineered a nation state-level attack using mistakes made by the adversary. Cybercrime organization “Charming Kitten” (likely based in Iran) launched a bevy of attacks against US politicians, journalists and those involved in COVID vaccine development. This talk is going to break down what their tactics looked like and how IBM was able to learn all about the process.
MFA-ing the Un-MFA-ble: Protecting Auth Systems’ Core Secrets
Wednesday, August 4, 11:20am-12:00pm (Virtual)
Tal Be’ery (@TalBeerySec) – Co-Founder, ZenGo
Matan Hamilis (@MHamilis) – Cryptography Researcher, ZenGo
MFA has been one of the most controversial security tactics over the past couple of years. Implementing MFA is certainly more effective than requiring only one set of credentials (which can leak and leave systems vulnerable). But at the same time, the MFA process itself has flaws an attacker like me can easily exploit. While there is no single point of failure, there is still a clear path to a complete set of “Golden Secrets.” This talk will discuss how these problems can be solved by breaking up the secrets and separating them, much the same way cryptocurrency is stored. It’s an exciting step forward in undercutting the booming black market for leaked credentials.
See you there!
Securing our nation’s online infrastructure is top of mind for everybody right now, as is securing our private networks and user data. Nation states and cybercrime organizations are constantly stressing our perimeters and causing more data breaches. As businesses transition to the cloud and more operations become remote, we’ve seen an increase in opportunities for attackers. In order to stay ahead of our adversaries, we need to stay informed about what is possible, and what is likely to happen. We’ll see you there!