
2019-08-03 ~ 2019-08-08

Presentations (with video): 123 (118)

Now in its 22nd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2019 opens with four days of technical Trainings (August 3-6) followed by the two-day main conference (August 7-8) featuring Briefings, Arsenal, Business Hall, and more.


Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

WebAuthn addresses two weaknesses at once: passwords that leak in breaches, and one-time-code second factors that a phishing page can relay. It gives web applications built-in public-key authentication backed by platform authenticators (unlocked locally with a biometric or PIN) or roaming security keys.
  • Passwords alone do not protect against data breaches and credential leaks
  • Code-based multi-factor authentication is still not sufficient, because a phishing page can collect the code and relay it in real time
  • WebAuthn solves this with built-in web authentication using biometrics and platform authenticators; each credential is bound to the site's origin, so a lookalike site cannot obtain a usable assertion
  • The flow is simple: at registration the authenticator creates a key pair and the site stores only the public key; at login the user is verified locally (biometric or PIN) and the authenticator signs a fresh challenge from the site
  • WebAuthn works on mobile and desktop, and credentials can be linked between a native app and the corresponding web application
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

BloodHound is a tool that helps organizations find and fix security risks in their Active Directory environments. It collects relationships such as group membership, local admin rights, logged-on sessions and object ACLs into a graph, computes the shortest attack paths to high-value targets such as Domain Admins, and surfaces Kerberos misconfigurations.
  • BloodHound models an Active Directory environment as a graph of principals and the relationships between them
  • It computes shortest attack paths through that graph, showing which chain of memberships, sessions and rights would take an attacker from a given foothold to a high-value target
  • It also flags Kerberos misconfigurations an attacker could exploit, for example service accounts with SPNs or hosts with unconstrained delegation
  • In large and complex environments this sharply reduces the time and effort needed to identify and address the paths that matter
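The shortest-path idea is easiest to see on a tiny graph. The following is an added example, not BloodHound's code: BloodHound stores collected data in Neo4j and queries it with Cypher, whereas this block builds a constructed `corp.local` graph in memory and runs a breadth-first search over it. The edge names (MemberOf, AdminTo, HasSession, GenericAll) and account properties are the ones BloodHound uses; every principal and edge below is made up.

```javascript
// Added example (not BloodHound's code): shortest attack path and Kerberos
// misconfiguration checks over a small constructed Active Directory graph.

// Constructed sample edges: [source, relationship, target]
const EDGES = [
  ['alice@corp.local',      'MemberOf',   'HELPDESK@corp.local'],
  ['HELPDESK@corp.local',   'AdminTo',    'WS01.corp.local'],
  ['WS01.corp.local',       'HasSession', 'svc_backup@corp.local'],
  ['svc_backup@corp.local', 'GenericAll', 'SQLADMINS@corp.local'],
  ['SQLADMINS@corp.local',  'MemberOf',   'DOMAIN ADMINS@corp.local'],
  ['bob@corp.local',        'MemberOf',   'FINANCE@corp.local'],
  ['FINANCE@corp.local',    'AdminTo',    'FS01.corp.local'],
  ['alice@corp.local',      'AdminTo',    'WS02.corp.local'],
];

// Constructed sample principals with the account properties BloodHound collects.
const USERS = [
  { name: 'alice@corp.local',      spns: [], dontReqPreAuth: false },
  { name: 'bob@corp.local',        spns: [], dontReqPreAuth: true },
  { name: 'svc_backup@corp.local', spns: ['MSSQLSvc/sql01.corp.local:1433'], dontReqPreAuth: false },
];
const COMPUTERS = [
  { name: 'WS01.corp.local', unconstrainedDelegation: false },
  { name: 'FS01.corp.local', unconstrainedDelegation: true },
];

// Adjacency list: node -> [{ rel, dst }]
function buildGraph(edges) {
  const adj = new Map();
  for (const [src, rel, dst] of edges) {
    if (!adj.has(src)) adj.set(src, []);
    adj.get(src).push({ rel, dst });
  }
  return adj;
}

// Breadth-first search returns the path with the fewest hops, which is what a
// "shortest path to Domain Admins" query computes. Returns null if unreachable.
function shortestPath(adj, start, target) {
  const prev = new Map([[start, null]]);
  const queue = [start];
  while (queue.length) {
    const node = queue.shift();
    if (node === target) break;
    for (const { rel, dst } of adj.get(node) || []) {
      if (!prev.has(dst)) {
        prev.set(dst, { node, rel });
        queue.push(dst);
      }
    }
  }
  if (!prev.has(target)) return null;
  const path = [];
  for (let cur = target; prev.get(cur); cur = prev.get(cur).node) {
    const { node, rel } = prev.get(cur);
    path.unshift(`${node} -[${rel}]-> ${cur}`);
  }
  return path;
}

// Kerberos misconfigurations read straight off account attributes:
//  - a user with an SPN is Kerberoastable (its service ticket is encrypted
//    under the account's password hash and can be cracked offline);
//  - a user that does not require pre-authentication is AS-REP roastable;
//  - a host with unconstrained delegation caches the TGT of every principal
//    that authenticates to it.
function kerberosFindings(users, computers) {
  const findings = [];
  for (const u of users) {
    if (u.spns.length) findings.push({ principal: u.name, issue: 'Kerberoastable: SPN set on user account' });
    if (u.dontReqPreAuth) findings.push({ principal: u.name, issue: 'AS-REP roastable: pre-authentication not required' });
  }
  for (const c of computers) {
    if (c.unconstrainedDelegation) findings.push({ principal: c.name, issue: 'Unconstrained delegation enabled' });
  }
  return findings;
}

function report(start, target = 'DOMAIN ADMINS@corp.local') {
  const adj = buildGraph(EDGES);
  return { path: shortestPath(adj, start, target), findings: kerberosFindings(USERS, COMPUTERS) };
}

console.log(JSON.stringify(report('alice@corp.local'), null, 2));
```

On this data alice reaches Domain Admins in five hops via a helpdesk session on WS01, while bob has no path at all; the findings list is what turns the graph from a map into a work queue.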
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

The importance of clear contracts, regular software assessments, and inventorying services in cybersecurity and DevOps.
  • Clear contracts should outline expectations in partner relationships
  • Regular software assessments are necessary and should include listening for potential issues across the extended ecosystem
  • Inventorying every service used and having a response plan is crucial
  • Sharing information and uplifting others in the industry can make adversaries work harder
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

Tips for building trust and maintaining relationships with researchers in bug bounty programs
  • Communication is key, be transparent and provide regular updates
  • Keep the program fresh by adding new products, targets, and scope
  • Reward researchers in a timely manner and set clear expectations
  • Share known issues to avoid duplication and allow researchers to focus on areas they excel at
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

The talk lays out a methodology for hunting vulnerabilities in undocumented server components and for mapping, from binary firmware images, the paths an attacker can take between them. It surveys the attack surface of a modern server, which hardening has concentrated into a few narrow windows through which an attacker must operate, and explains why an attacker would want to hit each component and what problems those components still contain.
  • A correctly configured modern server exposes a much smaller attack surface than older hardware
  • UEFI firmware, the BMC and other management components keep evolving and are becoming more hardened
  • As a result the remaining attack surface is concentrated in fewer and fewer components
  • Some of these are gating events: a component must be compromised first to obtain the information needed to pivot into the others
  • The methodology covers both the vulnerability hunting in these undocumented components and the mapping of the paths between them from binary firmware images
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

The presentation covers the role of IEC 62351 in securing smart grids and other critical infrastructure. The series defines security (including authentication and encryption) for power-system communication protocols, and its Part 7 defines network and system management data objects so that the health and security status of the network can be monitored and attacks detected.
  • Smart grids turn end-users into active participants in the network, which creates technical and cybersecurity challenges.
  • IEC 62351 addresses these; Part 7 in particular specifies the monitoring data objects used to detect attacks and track the health of the infrastructure.
  • The standard expects automation vendors to build equipment that exposes health indicators for every component in the network.
  • Monitoring is therefore active by design: the equipment is ready to answer queries about the network's status.
  • Real deployments of the standard already exist and many automation vendors are adopting it.
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

The Bug Bounty Micro Summit discussed best practices for launching and running successful bug bounty programs, including the importance of taking a slow and steady approach, learning from submissions, and looking at products from an attacker's perspective. The panelists also discussed the need for bug bounty programs to become more inclusive and collaborative, and the potential for gamification and incident management to keep programs engaging and active.
  • Taking a slow and steady approach is important for launching successful bug bounty programs
  • Learning from submissions can teach vendors a lot about their products and how to strengthen them
  • Looking at products from an attacker's perspective can also improve their security
  • Bug bounty programs need to become more inclusive and collaborative
  • Gamification and incident management can help keep bug bounty programs engaging and active
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

The presentation discusses the need to merge tactical, operational, and strategic levels of cybersecurity to defend organizations and nations in cyberspace. The concept of collective defense is introduced as a way to incentivize companies to collaborate and share information to mitigate common threats.
  • The problem of defending organizations and nations in cyberspace requires merging tactical, operational, and strategic levels of cybersecurity.
  • The concept of collective defense can incentivize companies to collaborate and share information to mitigate common threats.
  • Defeat in detail, the military concept of dividing an opponent and destroying its parts one at a time, is being applied today to take down companies one by one.
  • Certain sectors, such as the electric power and financial sectors, are more amenable to sharing information due to their interdependence.
  • Escalation control and the attribution problem must be weighed before adopting strategies that degrade, disrupt or dissuade adversaries.
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

The presentation walks through the vulnerabilities found in a Hardware Security Module (HSM) and the exploits developed to gain arbitrary code execution on it and extract the sensitive data it protects.
  • The kernel module that transfers messages to the HSM is not robust and crashes easily, so messages had to be filtered and its configuration modified to work around this
  • 15 memory corruption bugs were found, including a type confusion bug in a function handling crypto keys
  • Exploits were developed to leak sensitive data and to gain arbitrary code execution
  • The team patched the HSM's code to disable PIN verification and installed a custom module to dump memory and decryption keys
  • The presentation closes with a call for secure software running on HSMs
Tags:
Conference:  BlackHat USA 2019
Authors:
2019-08-08

tldr - powered by Generative AI

Lessons and Lulz: The 5th Annual Black Hat USA NOC Report is a conference presentation that shares data and insights on network security and operations.
  • The Black Hat NOC team shares data on tools and techniques used to set up, stabilize, and secure the network
  • Humorous network activity is shared to highlight the poor conduct of security professionals on an open WiFi network
  • The NOC team works with partners, not sponsors, to provide equipment and talent for the network
  • Threat hunting with RSA and segmentation are key components of the NOC's evolution
  • Automation is a major project that has taken several shows to implement
Tags: