What To Look For At This Year’s Black Hat
Contact Us | |
Free Demo | |
Chat | |
With Black Hat just a week away we dig into the conference's schedule to highlight a handful of sessions worth attending, including talks on Spectre and Meltdown, voting security, and healthcare data standards.
If you're attending Black Hat, chances are your schedule is in constant flux, especially if you're still firming up which sessions you want to make. The conference kicks off in earnest next Wednesday with Black Hat Briefings, a series of information security sessions, some 25 minutes, some 50. The subject matter runs the gamut, from malware to the internet of things, to exploit development to reverse engineering. Taking into account cybersecurity trends and storylines we did our best to comb through some of this year's talks to find some of the more appealing sessions.
Post-Spectre/Meltdown Security
It will be interesting to see how this year’s sessions frame security now that Spectre/Meltdown are further in the rear view mirror. Both vulnerabilities – which exploit processors with speculative execution to steal data – were outlined in January.
At RSA earlier this year, aside from cryptographer Paul Kocher - who co-discovered Spectre and gave a talk - neither flaw was discussed at length. This is mostly due to the fact that the vulnerabilities came to light well after the conference’s call for papers had ended.
Next week, we'll be seven months removed from the disclosure and judging by some of the briefing abstracts, it’s been enough time to let the research marinate for some speakers.
Academics from Austria's Graz University of Technology, who co-discovered the vulnerabilities, will be on hand to give a timeline of their research, how vendors have fared in wake of their findings, and give a live demo of the attacks.
Security engineers from Microsoft will also host a session to dig into how the company mitigated the issues and how the disclosure changed its approach to side channel vulnerabilities.
A panel of professionals, including a member from Microsoft's security response team, an analyst for CERT/CC, and a program manager for Red Hat, are also scheduled to discuss Spectre and Meltdown, information sharing, and multi-party coordinated response.
It remains to be seen whether a series of new, Spectre-like vulnerabilities dubbed Spectre NG, uncovered in May, or a new CPU side-channel attack named SpectreRSB, discovered earlier this month, will work their way into any sessions.
Blog Post Don't Miss Our Threat Hunting Session at Black Hat! |
Hacking the Vote
Given the well-documented fragility of voting machines lately, expect there to be quite the crowd gathered for Carsten Schuermann's session on Thursday morning. Schuermann, an academic researcher for the IT University of Copenhagen, made waves after hacking a WinVote voting machine at last year's DEF CON. At Black Hat next week, as teased by DarkReading's Kelly Jackson Higgins last week, Schuermann plans to hack the machine again and highlight the inherent risks of using vulnerable voting machines like it.
Like Barnaby Jack's legendary ATM jackpotting session at Black Hat 2010, Schuermann’s session sounds like it could be a scary spectacle, both visually and technically.
Protecting Healthcare Protocols
Vulnerabilities and hackers have kept those involved with security in the healthcare sector on their toes: There were 1.13M records exposed by 110 healthcare breaches in just Q1 alone this year. While safeguarding patient data is critical and a major talking point, what's discussed less often is the susceptibility of protocols like HL7, a set of standards that helps physicians facilitate clinical and administrative data. Jeffrey Tully and Christian Dameff, a pair of hackers "who moonlight as physicians," and Maxwell Bland, a grad student at the University of California, San Diego will dig into how attacks against the protocol can be used to "subvert the implicit trust doctors place in [the] infrastructure."
Also of note:
- Ahamed Nafeez, an independent researcher, plans to show how compression oracle attacks can be used against VPN networks to steal data.
- Judging by the nearly nonstop headlines around exposed data repositories, data loss in the cloud remains a colossal issue for organizations. William Bengtson, a senior security engineer at Netflix, will describe how to best detect compromised credentials across Amazon Web Services.
- In another fascinating sounding session, Kingkane Malmquist, an information security analyst who works for the Mayo Clinic's Office of Information Security, will share research from the clinic's security awareness program. Specifically Malmquist plans to share experiences relating to peer influence as it relates to malicious phishing.
- Jordan Wright and Olabode Anise, researchers at Duo Security, will describe how they managed to obtain a large Twitter dataset and identify bots within it.
Black Hat image courtesy of Black Hat
Recommended Resources
All the essential information you need about DLP in one eBook.
Expert views on the challenges of today & tomorrow.
The details on our platform architecture, how it works, and your deployment options.