Our editorial team has handpicked the best of the best talks at RSA Conference, one of the largest IT security conferences in the world. The following is the list of top talks on Hacking & Attack Techniques at RSA Conference 2016.

RSA Conference held its 25th annual event at the Moscone Center in San Francisco and brought together a record number of more than 40,000 attendees. Attendees experienced keynotes, peer-to-peer sessions, top notch track sessions, tutorials and seminars along with networking and social activities including the RSAC Codebreakers bash at AT&T Park featuring Sheryl Crow, Walk off the Earth and Tony Hawk. Keynotes, sessions and debates focused on the Internet of Things, industrial control systems, encryption, artificial intelligence and machine learning, crowdsourcing, healthcare, automotive, and more, with many reflecting current industry news. (Source: RSA Conference USA 2016)

1) Braking the Connected Car: The Future of Vehicle Vulnerabilities

Speaker: Akshay Anand ( @iamakshayanand ), Karl Brauer ( @karlbrauer )

In this presentation, analysts from Kelley Blue Book’s Automotive Industry Insights will illustrate how the connected car is quickly becoming an unrestricted playground for cyberthreats and how the next generation of in-car technology will intensify already-present vehicle vulnerabilities.

2) Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities

Speaker: Stephen Sims ( @steph3nsims )

Ever wondered how to find bug fixes residing in Microsoft patches? In this presentation we will take a look at the tools and techniques used to reverse engineer Microsoft security patches. Many organizations take weeks to push out patches to their domains. If an attacker can locate the fix and get a working exploit going, they can use it to compromise your organization.

3) Autonomous Hacking: The New Frontiers of Attack and Defense

Speaker: Giovanni Vigna ( @lastlinelabs )

Vulnerability analysis has largely been a process that requires substantial human expertise. However, very recently there has been a push for completely autonomous hacking systems, which can find flaws, exploit them and even provide patches, all without any human intervention. This talk presents recent advances in autonomous hacking and provides lessons learned from participating in the DARPA CGC.

4) Hacking a Professional Drone

Speaker: Nils Rodday

Professional drones are now actively used across various industries to perform daily critical operations. In this awareness session, Nils Rodday will perform a live hack which exploits vulnerabilities of the professional drone and effectively compromises the security of the system to take over control. His session will also discuss practical fixes and approaches for remediating these issues.

5) Linguistic Passphrase Cracking

Speaker: Mikael Simovits ( @mikaelsimovits ), Peder Sparell

With the constant increase of availability of processing power comes the need for longer passwords and hence the need for usage of passphrases in order to remember them. But are passphrases really safe? This session will explain how to crack passphrases up to 20 characters long, where normal password attacks most often fail, in a reasonable timespan using a normal gaming PC and a Markov process.

6) …But Now I See—A Vulnerability Disclosure Maturity Model

Speaker: Katie Moussouris ( @k8em0 )

Someone politely knocks on your door and reports that there’s a hole in your wall big enough for a person to climb through. You immediately threaten legal action. Crazy? In the world of vuln research, this happens. This session will review a Vuln Disclosure Maturity Model created to describe best-in-class practices. For any company wanting to get better bug reports faster—this session is a must.

7) Breaking Closed Systems with Code-Signing and Mitigation Techniques

Speaker: Gavin Hill

Code signing is abundant in the enterprise and consumer space. This session will review the current landscape, showing attacks against several open (Windows, Android, Mac) and closed (iOS, automotive operating) systems, show anomalies found by Venafi Labs focused on the theft and misuse of code signing certificates to breach organizations, and propose a solution on how to address the issues.

8) Cybersecurity for Oil and Gas Industries: How Hackers Can Steal Oil

Speaker: Alexander Polyakov ( @sh2kerr )

One of the industries most plagued by cyberattacks is the oil and gas industry. Several attacks against such companies as Aramco have been executed. SAP and Oracle systems are widely used there and are responsible for business-critical processes such as Digital Oilfield Operations, Hydrocarbon Supply Chain and others. How can you prevent those attacks? The presenters will give answers.

9) Hacking Critical Infrastructure Like You’re Not a N00b

Speaker: Jason Larsen

This presentation is targeted towards an audience that already understands how to compromise the embedded systems that run a process and now is looking at manipulating the physics of the process itself. Inasmuch as time allows, it will cover all the things necessary to accomplish more than exercising the automatic shutdown logic of a process.

10) The Seven Most Dangerous New Attack Techniques, and What's Coming Next

Speaker: Alan Paller, Ed Skoudis ( @edskoudis ), Johannes Ullrich ( @johullrich ), Mike Assante ( @assante_michael )

Which are the most dangerous new attack techniques for 2016/2017? How do they work? How can you stop them? What's coming next and how can you prepare? This fast-paced session provides answers from the three people best positioned to know: the head of the Internet Storm Center, the top hacker exploits expert/teacher in the U.S., and the top expert on cyberattacks on industrial control systems.

11) The Pivot

Speaker: Jonathan Trull ( @jonathantrull )

In today’s threat landscape, the attacker is an insider. Whether a state-sponsored actor or cybercriminal, attackers typically first compromise the endpoint with a client-side exploit and then pivot. In this session, we take a deep dive into how attackers pivot through organizations, identify the telltale signs of a pivot, and most importantly, identify steps for defending against it.

12) Sophisticated Attacks vs. Advanced Persistent Security

Speaker: Araceli Gomes ( @sleepdeficit_ ), Ira Winkler ( @irawinkler )

It appears that any successful attack these days is labeled "sophisticated." The implication is that the attacks were unpreventable. The reality is very different. We dissect recent attacks, and then go through how they could have been prevented. Advanced Persistent Security principles are applied to demonstrate how even successful breaches can be contained to significantly reduce loss.

13) Hacking Exposed LIVE: Attacking in the Shadows

Speaker: Stuart McClure ( @stuartmcclure )

Attackers have found compromise trivial for decades. But as additional security layers get deployed and next generation solutions come to market, attackers are turning to old and new techniques for bypassing security controls to launch their attacks and stay hidden. This session will explore the latest techniques and how simple defense techniques can foil even the most sophisticated attacks.

14) Hacking Exposed: The Mac Attack

Speaker: Dmitri Alperovitch ( @DAlperovitch ), George Kurtz ( @George_Kurtz )

Windows attacks receive all the attention. However, Mac and Linux have gained in popularity with the adversary. This session will focus on common Mac attack vectors and other cross-platform hacks that are typically seen in enterprise intrusions. We will also cover practical countermeasures to make these alternate platforms more resilient.

15) What IT Professionals Need to Know about Sniffing Wireless Traffic in 2016

Speaker: Avril Salter ( @avrilsalterUSA )

Next generation wireless standards define MU-MIMO, which promises 4x capacity gains. This session compares different multi-antenna technologies (SM, STBC, BF, MU-MIMO). It describes the subtle mistakes wireless security experts make sniffing wireless traffic. It explains how MU-MIMO introduces new challenges in capturing wireless traffic, which could make wireless sniffing near impossible.
