Social Network For CISO (Chief Information Security Officers)
Our editorial team has handpicked some great talks from Black Hat Conference - one of the largest IT Security Conference in the world.
Black Hat - built by and for the global InfoSec community - returns to Las Vegas for its 21st year providing attendees with the very latest in research, development and trends. This six day event begins with four days of intense technical training for security practitioners of all levels (August 4-7) followed by the two-day main conference featuring Briefings, Business Hall, Arsenal, and more (August 8-9)
(Source: Black Hat Conference USA 2018)
Speaker: William Bengtson
Credential compromise in the cloud is not a threat that one company faces, rather it is a widespread concern as more and more companies operate in the cloud. Credential compromise can lead to many different outcomes depending on the motive of the attacker who compromised the credentials. In some cases in the past, it has led to erroneous AWS service usage for bitcoin mining or other non-destructive yet costly abuse, and in others it has led to companies shutting down due to the loss of data and infrastructure.
This paper describes an approach for detection of compromised credentials in AWS without needing to know all IPs in your infrastructure beforehand.
Speaker: Dani Goland, Ido Naor
In our research, we dived into these malware-scanning giants and built sophisticated Yara rules to capture non-malicious artifacts and dissect them from secrets you've never thought possible of getting out of their chamber. But that's not all. We will show the audience how we built an intelligence tool, that upon insertion of an API key, will auto-dissect a full dataset. In our talk, we reveal the awful truth about allowing internally installed security products to be romantically involved with online scanners.
Speakers: Kevin Perlow
This talk is intended to providing high and medium-confidence methodologies for mapping out these blockchains through TTP analysis, script-based transaction mapping, and index-based infrastructure correlation. In doing so, analysts will be able to generate additional intelligence surrounding a threat and proactively identify likely malicious domains as they are registered or become active on the blockchain.
>>Go to Presentation
Speaker: Cathal Smyth, Clare Gollnick
By using intelligence gathered from online sources such as the dark web combined with transactional data, we demonstrate predictive analytics that can not only identify who the next fraud victims will be, but also where card data is being stolen from, all before any fraudulent transactions have occurred.
Get your FREE Guide on Top Talks @ Black Hat Conference 2018 (USA) . Our editorial team has gone through all the talks and handpicked the best of the best talks at Black hat Conference into a single guide. Get your Free copy today.