Social Network For CISO (Chief Information Security Officers)
Our editorial team has handpicked some great talks from Black Hat Conference - one of the largest IT Security Conference in the world.
Black Hat - built by and for the global InfoSec community - returns to Las Vegas for its 21st year providing attendees with the very latest in research, development and trends. This six day event begins with four days of intense technical training for security practitioners of all levels (August 4-7) followed by the two-day main conference featuring Briefings, Business Hall, Arsenal, and more (August 8-9)
(Source: Black Hat Conference USA 2018)
Speaker: Jesse Michael, Mickey Shkatov, Oleksandr Bazhaniuk
In this talk, we will show different remote attack vectors into system firmware, including networking, updates over the Internet, and error reporting. We will also be demonstrating and remotely exploiting vulnerabilities in different UEFI firmware implementations which can lead to installing persistent implants remotely at scale. The proof-of-concept exploit is less than 800 bytes. How can we defend against such firmware attacks? We will analyze the remotely exploitable UEFI and BMC attack surface of modern systems, explain specific mitigations for the discussed vulnerabilities, and provide recommendations to detect such attacks and discover compromised systems.
Speaker: Wesley McGrew
The goal of this talk is to provide a penetration tester experienced in exploitation and post-exploitation of networks and systems with an exposure to containerization and the implications it has on offensive operations. Docker is used as a concrete example for the case study. A penetration tester can expect to leave this presentation with a practical exposure to multi-container application post-exploitation that is as buzzword-free as is possible with such a trendy topic.
Speaker: Natalie Silvanovich
This presentation gives an overview of the features of WebAssembly, as well as examples of vulnerabilities that occur in each feature. It will also discuss the future of WebAssembly, and emerging areas of security concern. Learn to find bugs in one of the newest and fastest growing parts of the browser!
Speaker: Jesse Endahl, Max Bélanger
Our talk walks through the various stages of bootstrapping, showing which binaries are involved, the IPC flows on the device, and evaluates the network (TLS) security of key client/server communications. We will follow with a live demo showing how a nation-state actor could exploit this vulnerability such that a user could unwrap a brand new Mac.
Speaker: Brad Geesaman
Amazon Web Services, Google Cloud Platform, and Microsoft Azure have recently launched a new set of native platform threat and anomalous behavior detection services to help their customers better identify and respond to certain issues and activities occurring inside their cloud accounts. From detecting crypto-currency mining to identifying bot-infected systems to alerting on suspicious cloud credential usage to triggering on cloud-specific methods of data exfiltration, these new services aim to make these kinds of detections much easier and simpler to centrally manage. But what new and unique insights do they offer? What configuration is required to achieve the full benefits of these detections? What types of activities are not yet covered? What attack methods and techniques can avoid detection by these systems and still be successful? What practical guidelines can be followed to make the best use of these services in an organization? Follow along as we attempt to answer these questions using practical demonstrations that highlight the real threats facing cloud account owners and how the new threat detection capabilities perform in reducing the risks of operating workloads in the public cloud.
Speaker: Christopher Domas
Complexity is increasing. Trust eroding. In the wake of Spectre and Meltdown, when it seems that things cannot get any darker for processor security, the last light goes out. This talk will demonstrate what everyone has long feared but never proven: there are hardware backdoors in some x86 processors, and they're buried deeper than we ever imagined possible. While this research specifically examines a third-party processor, we use this as a stepping stone to explore the feasibility of more widespread hardware backdoors.
>>Go to Presentation
Speaker: Justin Engler, Tyler Lukasiewicz
Speaker: Anders Fogh, Christopher Ertl, Matt Miller
n this presentation, we will describe Microsoft's approach to researching and mitigating speculative execution side channel vulnerabilities. This approach involved bringing experts from across Microsoft, hiring an industry expert to accelerate our understanding of the issues, and collaborating across the industry in a way not done previously. This team presentation between Microsoft and G DATA will provide a firsthand account of the engineering centric work done and the collaboration necessary to mitigate these issues. We will describe the taxonomy and framework we created which provided the industry foundation for reasoning about this new vulnerability class. This work built on the initial researcher reports and expanded into a larger understanding of the issues. Using this foundation, we will describe the mitigations that Microsoft developed and the impact they have on Spectre and Meltdown.
Get your FREE Guide on Top Talks @ Black Hat Conference 2018 (USA) . Our editorial team has gone through all the talks and handpicked the best of the best talks at Black hat Conference into a single guide. Get your Free copy today.