logo

2020-08-01 ~ 2020-08-06

Presentations (with video): 94 (94)

Now in its 23rd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest security research, development and trends. Black Hat USA 2020 will be entirely virtual this year, held over the same dates, August 1-6 in Pacific Daylight Time (UTC−07:00).

Sort by:  

Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

The presentation discusses the increasing threat of targeted attacks on Microsoft Office 365 and the need for organizations to understand and defend against these attacks.
  • Office 365 is becoming a popular target for threat actors due to the large volume of data stored in it
  • Attackers use both unsophisticated and sophisticated techniques to gain access to Office 365
  • Forensic artifacts and best practices can help defend against these attacks
  • Organizations need to invest time and effort into understanding and defending against Office 365 attacks
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

Puzzles and riddles can improve problem-solving skills in cybersecurity and other areas, and can contribute to culture and engagement in the workplace.
  • Puzzles and riddles can develop problem-solving skills that can be applied to larger and day-to-day problems.
  • Designing puzzles and riddles requires thought and consideration of the audience.
  • Measuring engagement and statistics is important to improve puzzles and riddles.
  • Encouraging inclusivity and teamwork can improve engagement and problem-solving skills.
  • There is a gap in research on the psychology of security-related problem-solving.
  • The speaker plans to create a repository of workplace puzzles and hopes others will contribute.
  • The speaker encourages attendees to participate in a crossword puzzle.
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

The presentation discusses how to use deep learning and dynamic analysis to reduce side-channel attack surfaces in hardware cryptography. The approach involves leveraging AI explainability to quickly assess which parts of the implementation are responsible for the information leakages.
  • Side-channel attacks target the implementation of an algorithm rather than the algorithm itself, making it a very efficient way to attack secure hardware.
  • Debugging hardware is harder than debugging software because it requires looking at both the software and hardware to find the source of the leakages.
  • The presentation showcases a concrete step-by-step example of how to use a software called COLD (Charge Side-Channel Attack Leak Detector) to find where a tiny implementation running on an SMT32F4 is leaking.
  • The approach involves using deep learning and dynamic analysis to quickly and efficiently find the origin of the leakage.
  • The presentation also discusses the benefits of using AI explainability to map the code and pinpoint the part of the code that is interacting with the hardware in a way that makes it vulnerable to side-channel attacks.
  • The ultimate goal is to create a debugger that will help reduce the cost of finding and pinpointing attacks accurately, freeing up more time to focus on developing stronger cryptography.
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

The presentation discusses the six specific technical threats that a VPN should protect against and the approach taken to test various vendors in the space.
  • The VPN should prevent sniffing and protect against DNS meddling attacks
  • It should protect against spoofed websites and responder attacks
  • The interaction with the captive portal should not introduce the opportunity for an attacker to inject malicious javascript into the browser
  • IPv6 susceptibility should be the same for hosts on a Wi-Fi network and those on the corporate network
  • Standard equivalent configurations were created to compare vendors in the context of the identified threat scenarios
  • The research question is how much protection enterprise VPN technologies provide against common and realistic threats
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

The traditional approach to mitigating human risk in the security industry is ineffective. Instead, techniques such as personal relevance, social proof, leveraging intrinsic motivation, and tight-feedback loops are key factors to reduce human risk.
  • Human risk is one of the largest unsolved problems in security, with human errors being the top reason for successful breaches.
  • Traditional one-size-fits-all annual security training is ineffective in changing behaviors.
  • Techniques such as personal relevance, social proof, leveraging intrinsic motivation, and tight-feedback loops are key factors to reduce human risk.
  • Motivation needs to be applied in addition to training to get employees to want to take the training and adjust their knowledge levels.
  • Elevate Security is a leading human risk management platform constantly keeping on top of the latest research in the space.
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

Challenges faced by cybersecurity professionals in their early career and how to overcome them
  • Cybersecurity professionals in their early career are enthusiastic and eager to learn, but tend to lack experience and context
  • One of the biggest challenges they face is the tendency to focus on skills without understanding when to use them
  • Picking the wrong role models, such as burnt out and cynical professionals, can also be dangerous
  • To overcome these challenges, cybersecurity professionals should focus on knowing the job, using checklists, zooming out to see the bigger picture, and embracing anti-fragility
  • In the ego phase, cybersecurity professionals may experience burnout and need to actively manage and prevent it by focusing on mental health fundamentals and relying on peer support
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

The talk discusses the mechanics of modern-day information operations and the ways in which hacking the information environment is similar and different from traditional intrusions. It emphasizes the need for more research to inform policy makers on how to address the threat of misinformation.
  • Malign actors are exploiting divisions in society using vulnerabilities in the information ecosystem, overwhelming individuals and manipulating communities.
  • Nation states leverage social networks and network infiltration to influence, distract, and manipulate large communities of people.
  • There is a lack of rigorous academic research to inform policy makers on how to address the threat of misinformation.
  • Companies in various industries may also be targeted with reputational attacks online.
  • The talk concludes with a call-to-action for the audience to deploy their skills in the defense of democracy.
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

Lamphone is a new method of eavesdropping that uses light bulbs to recover sound waves from a room. The technology is still in development but poses a potential threat to privacy.
  • Lamphone uses electro-optical sensors to detect sound waves that cause vibrations in light bulbs
  • The technology is still in development but has the potential to be a practical method of eavesdropping
  • Advanced filtering techniques can be used to filter noise from the signal
  • The use of deep learning to train a model for filtering noise comes with a cost
  • The development of Lamphone is similar to the development of Gyrophone, which took six years to become a practical method of eavesdropping
  • Scientists are likely to continue improving Lamphone in the coming years
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

Plunder Vault is a new type of attack that breaks the integrity of SGX and induces memory corruption in bug-free code, allowing for the leakage of sensitive information.
  • Plunder Vault is a new type of attack that breaks the integrity of SGX
  • It induces memory corruption in bug-free code
  • Sensitive information can be leaked through this attack
  • Examples of leaked information include RSA keys and SQS
Tags:
Conference:  BlackHat USA 2020
Authors:
2020-08-06

tldr - powered by Generative AI

Building cybersecurity strategies for emerging industries in sub-Saharan Africa
  • Sub-Saharan Africa lacks specific data on the cybersecurity industry
  • Effective policies must be implemented to address the distinct operating environment of the region
  • Local cybersecurity practitioners should develop open source or affordable tools for the local market
  • A more sophisticated and organized cybersecurity system is required to curb existing and emerging threats
  • Encouraging more professionals to join the industry and work together to build it
Tags: