2021-07-31 ~ 2021-08-03

Presentations (with video): 145 (143)

Now in its 24th year, Black Hat USA is excited to present a unique hybrid event experience, offering the cybersecurity community a choice in how they wish to participate. Black Hat USA 2021 will open with four days of Virtual Trainings (July 31-August 3) conducted in real-time online, with all instructors accessible throughout each class. The two-day main conference (August 4-5) featuring Briefings, Arsenal, Business Hall, and more will be a hybrid event—offering both a Virtual (online) Event and a Live, In-Person Event in Las Vegas. See the Conference Highlights below for more details.

Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

The presentation discusses the importance of vulnerability intelligence and provides tips on how to navigate the vulnerabilities scene. It emphasizes the need to move from managing vulnerabilities to vulnerability intelligence and provides factors to prioritize vulnerability management.
  • 70% of CVEs have a connection to the top 10 attack techniques
  • Four factors to prioritize vulnerability management: exploitability, scannability, popularity, and mitigation
  • Automation is key to navigating the world of big vulnerability data
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

The Locknote presentation at Black Hat Europe 2021 discussed the pressing issues facing the InfoSec community and the impact of emerging trends on future InfoSec strategies.
  • Research has changed from a security perspective due to the pandemic and the resulting lockdowns.
  • The need to secure critical infrastructure was discussed, but there is still debate over what is considered critical.
  • There is a shift towards putting people first in security, both on the user side and the security team side.
  • Responsibility for vulnerabilities is still a big issue, with chains of responsibility being broken and circular.
  • Newcomers to the industry can find bugs in old technology that has been overlooked.
  • The psychological aspects of designing systems to be compatible with humans and preventing burnout in the security industry are important.
  • There is a need for a separate vulnerability database for clouds to better understand the impact of vulnerabilities.
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

Encouraging knowledge sharing in the cybersecurity industry
  • Define target audience
  • Set clear rules for interacting with information
  • Ensure give and take in knowledge sharing
  • Use appropriate medium for sharing information
  • Learn outcome-based storytelling
  • Develop solutions collaboratively
  • Leverage trusted networks and connections
  • Establish frameworks for safe knowledge sharing
  • Contribute to the industry and seek out opportunities for knowledge sharing
  • Treat others with kindness and back yourself
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

Summary of a conference presentation on a vulnerability found in the Cosmos DB service
  • The vulnerability allowed access to multiple kinds of authentication tokens that could be used to access and manipulate customer data through multiple access vectors
  • Microsoft quickly patched the vulnerability by removing the Jupyter Notebook feature altogether
  • Microsoft awarded the researchers the maximum bounty available for Azure
  • Microsoft only emailed undeniably affected customers, but should have emailed all potentially impacted customers
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

The presentation discusses the dangers of mishandling Active Directory Certificate Services (ADCS) and provides insights on how attackers can exploit it. It also offers recommendations on how to protect against these attacks.
  • ADCS can be dangerous if not handled properly and attackers are using it to their advantage
  • The presentation details various attacks that can be executed using ADCS, including certificate theft, persistence, domain escalation, and domain persistence
  • The tool Certify can be used to enumerate vulnerable templates and request templates for abuse
  • Defenses include developing an incident response plan, auditing relevant event logs, and checking out the white paper for guidance
  • Acknowledgements are given to previous work and collaborators
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

The fragility of time synchronization and the need for alternative solutions to secure time
  • The current time is measured by atomic clocks accurate to within 1 second every 100 million years
  • The internet is moving to secure how the consensus of the current time is distributed
  • The ecosystem of time synchronization is fragile and vulnerable to attacks
  • GPS as a single source of failure is a serious problem
  • Government and industry are creating a secondary resilient platform to provide land-based secure time
  • Attackers and their tools are becoming increasingly sophisticated
  • People need to think about alternative solutions and not leave it to governments and organizations
  • Time is essential for cryptography and digital certification
  • There may be a lot of attacks sliding under the radar that people aren't aware of
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

The presentation discusses the vulnerabilities found in DDS implementations and the importance of fuzzing and white box application browsing in cybersecurity.
  • DDS implementations have vulnerabilities that can be exploited through reflection or amplification attacks
  • Fuzzing and white box application browsing are important in identifying vulnerabilities
  • The serializer and deserializer functions are good targets for fuzzing
  • The presentation emphasizes the need for better serialization practices in programming languages
  • The importance of finding the desired spin in code to avoid garbage information in fuzzing is highlighted
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

The presentation discusses a USB attack on a smartphone using a vulnerability in the Linux kernel. The attack requires physical access to the device and a low activity slab. The presentation also covers challenges and mitigations for the attack.
  • The attack requires physical access to the device and a low activity slab
  • Winning the race is a main challenge for the attack
  • Cache behavior can make it hard to predict where control is taken
  • Address space layout randomization (ASLR) is a hurdle that needs to be overcome
  • Code and data protections can be mitigated by looking for other attack paths
  • Heap hardening techniques can make the attack impossible to execute
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

The presentation discusses a new attack surface for memory corruption bugs in repulse points and introduces a unique bug hunting strategy.
  • The presentation introduces a new attack surface for memory corruption bugs in repulse points.
  • The speaker discusses a bug hunting strategy using both dynamic and static methods.
  • The presentation includes an anecdote about successfully exploiting a vulnerability in repulse points.
  • The speaker emphasizes the importance of careful handling of each field situation and cleanup for all open things.
  • The presentation also introduces some useful and universal exploit techniques for mitigation bypass in the future.
Conference:  BlackHat USA 2021
2021-11-11

tldr - powered by Generative AI

The presentation discusses the challenges faced in cybersecurity due to egocentrism, complex problems, and multi-team systems. The research aims to bring more intentionality into the space to overcome these challenges and increase the effectiveness of c-cert using behavioral psychology.
  • Testing in infosec often requires an individual's skill set, leading to egocentrism.
  • Complex problems have arisen as early simplicity slowly scaffolded into more complex and mature adversaries, who are creating these problems, and into the more complex systems that are being developed.
  • Multi-team systems came out of the complex problems, leading to the need for a watch team, forensics team, engineering team, and more.
  • The research aims to bring more intentionality into the space to overcome these challenges and increase the effectiveness of c-cert using behavioral psychology.
  • The presentation discusses a social maturity model that talks about the social behaviors driving cert effectiveness and what the priorities are.
  • The collaboration toolkit brings structure, standardization, shared language, and shared mental models into the work.
  • Social maturity takes time and starts with assessment and awareness.
  • Tools that can be used include team and MTS charters, goal hierarchies, communication protocols, and knowledge management.