96+ Articles, Blogs and Links that Summarize the Black Hat Conference 2018

by Bricata

Black Hat is one of those “can’t miss” events for the security industry. The six-day conference has doubled in size since 2014, according to the Las Vegas Review-Journal. The publication reported this year’s show attracted some 17,000 cybersecurity professionals, including 300 exhibitors, who collectively offered 80 sessions and 120 briefings.

All of these people and sessions produced an incredible volume of information. For example, if you peruse these three hashtags (#BHUSA, #BlackHat2018 or #BHUSA18), the number of views, images and links is staggering. There were other hashtags in use as well.

As such, it occurred to us that attendees and observers might like to go back over notes from the show after the fact. To that end, this post is an effort to organize and curate much of the news and ideas we observed at the show into a useful resource.

While we call out a few points we think are of interest, the layout is not intended to convey importance or merit. We grouped links and articles logically along themes to summarize the 2018 Black Hat USA conference.

 

Roundups, Overviews and Observations

1) Cyber Security Hub: ‘Black Hatter’ Lists Top 5 Show Takeaways: AI, IoT & More

“At the end of the day, though, shows can be all about optics, or all about substantive information. Black Hat touched the latter, with an agenda pleasantly occupied by sessions with attention-grabbing headlines and speakers.”

2) Cyber Security Hub: Black Hat Day 2 Coverage Centers Around Mobile Sec, AI & ML

3) Cyber Security Hub: From Endpoint Protection To Threat Intel: Black Hat Day 1 In Review

4) The Parallax: Black Hat attendees are surprisingly lax about encryption

5) MSSP Alert: 10 Managed Security Developments at Black Hat USA 2018

“The Cloud Security Alliance (CSA) has released the Top Threats to Cloud Computing: Deep Dive, a case-study analysis that provides more technical details dealing with architecture, compliance, risk and mitigations for each of the cloud computing threats and vulnerabilities identified in the Treacherous 12: Top Threats to Cloud Computing (2016), the organization says.”

6) The Daily Swig: ‘We are now being tested. Are we as good as we say we are?’

7) The Daily Swig: ‘Stay humble, keep learning, and have fun’

8) LinkedIn Pulse: Black Hat USA Takes it to the Next Level

 

Studies and Surveys from Black Hat

9) Dark Reading: Black Hat Survey: Enterprise Tech, USG Unprepared for Cyberattacks

10) SearchSecurity: Black Hat 2018 survey: Cybersecurity staffing, budgets still lacking

11) Malwarebytes: …the emergence of the gray hat: the true costs of cybercrime

Note:  Malwarebytes published a US and global version of this report.

“…our research found that an organization of 2,500 employees in the United States can expect to spend nearly $1.9 million per year for cybersecurity-related costs (that’s nearly $760 per employee).”

12) Help Net Security: There’s a global divide in how organizations assess cyber risk

13) PRWeb: DarkOwl BlackHat 2018 Index Shows Potential Correlation Between Darknet Exposure and Stock Price Performance

“…study that examined the 285 Black Hat USA 2018 exhibitors to objectively compare the magnitude of darknet exposure among them. The extent of the presence of a company’s data on the darknet is a significant measure of that company’s cybersecurity risk. For the first time, the report also contains a preliminary analysis of whether changes in a firm’s darknet footprint was a good proxy for its stock price performance.”

14) Dark Reading: No, The Mafia Doesn’t Own Cybercrime: Study

 

Keynote by Project Zero

15) Threat Post: Google Bug Hunter Urges Apple to Change its iOS Security Culture

16) The Register: Google Project Zero boss: Blockchain won’t solve your security woes

17) CNET: Google doesn’t want you to have to think about cybersecurity

18) SC Magazine: Google’s Tabriz calls for more collaboration in Black Hat keynote

“Coalition building, both within a company and with external partners, is also needed to keep cybersecurity projects alive and on track.”

19) Search Security: Parisa Tabriz’s Black Hat 2018 keynote challenges infosec’s status quo

20) Threat Post: Bridging the Gap Between Complex Security Landscapes

21) Security Boulevard: Project Zero director exhorts Black Hat audience to do security better

22) The Parallax: Google’s ‘Security Princess’ calls for stronger collaboration

 

Flaws and Vulnerabilities

23) Threat Post: With Healthcare Security Flaws, Safety’s Increasingly at Stake

“’Whether [healthcare professionals] like it or not, code, networks and devices are now caring for patients every single day and it is so important to remember that securing them, we think, will save lives,’ said Christian Dameff, M.D. at the University of California at San Diego School of Medicine and security researcher.”

24) Threat Post: Mixed Signal Microcontrollers Open to Side-Channel Attacks

25) Threat Post: Update Mechanisms Allow Remote Attacks on UEFI Firmware

26) Threat Post: Stealthy Kernel Attack Flies Under Windows Mitigation Radar

27) Dark Reading: Cracking Cortana: The Dangers of Flawed Voice Assistants

“Security vs. convenience is a delicate balance to strike with new technology designed to make our lives easier.”

28) Threat Post: Patrick Wardle on Breaking and Bypassing MacOS Firewalls

29) Dark Reading: Understanding Firewalls: Build Them Up, Tear Them Down

“…even good firewalls are at a disadvantage to attackers because, in the Internet era, certain communications simply must be allowed.”

30) Search Security: Meltdown and Spectre disclosure suffered “extraordinary…

“[Project Zero] notified Intel and the other CPU vendors of these speculative execution vulnerabilities and they said a third of the way through the email that ‘We found these, here are the proof of concepts, and by the way, we haven’t told anyone else about this including Google, and it’s now your responsibility to tell anyone you need to tell,’ and somewhere along the line they missed that piece of the email.”

31) SC Media: Google, Microsoft and Red Hat dish on the Meltdown/Spectre backstory

32) Dark Reading: Cloud Intelligence Throwdown: Amazon vs. Google vs. Microsoft

33) PC Magazine: Black Hat Researcher Shows Why Air Gaps Won’t Protect Your Data

34) The Register: Microsoft to hackers: Finding Hyper-V bugs is hard. Change my mind.

35) Wired: Hacking a Brand New Mac Remotely, Right Out of the Box

36) eWeek: F5 Details Cellular Gateway IoT Flaws at Black Hat

Energy and ICS

37) Dark Reading: Even ‘Regular Cybercriminals’ Are After ICS Networks

38) Fifth Domain: Hackers targeted a fake power grid. Is the real one next?

39) Fifth Domain: Why small cyberattacks on power systems more likely than a blackout

 

Government

40) Fifth Domain: DHS wants more secure call encryption for feds

“We know that it is a risk area and we know that it is a challenge. Whether it is financially feasible to do it, even if the technology exists today and we are all going to agree multilaterally on one system, that is a little hard.”

41) Fifth Domain: How long is too long for a cyber operation? NSA has an idea

42) Fifth Domain: How algorithms can harm cybersecurity

44) Fifth Domain: How hackers can defeat cyber deception methods

45) Government Executive: Flaw in Some Satellite Communication…Expose U.S. Troops…

46) CRN: 10 Execs On The Top Cybersecurity Threat America Faces Around…Elections

“Voting machines can be manipulated in a manner similar to ATMs if a bad actor has direct access, Holmes said, and securing the infrastructure or network these machines connect with can be challenging.”

 

Mobile and IoT

47) Fifth Domain: New bugs leave millions of phones vulnerable to hackers

48) PC Magazine: It Takes Just $200 to Tie Cell Networks in Knots

49) Ars Technica: In-vehicle wireless devices are endangering emergency first responders

50) Threat Post: Widespread Critical Flaws Found in Smart-City Gear

“In the Meshlium wireless sensor networks by Libelium, researchers found a critical pre-authentication shell injection flaw, present in four distinct instances.”

51) Politico: Research: Smart cities are dumb on defense

52) Help Net Security: Smart cities are exposed to old-school threats

53) SC Magazine: IBM X-Force finds 17 zero-day vulnerabilities in four smart city systems

54) eWeek: Researchers Reveal Smart City System Flaws at Black Hat

55) eWeek: IOActive to Detail Stock Trading App Vulnerabilities at Black Hat

56) Fortune: Dozens of applications used for online trading…have…vulnerabilities

57) Wired: Online Stock Trading Has Serious Security Holes

“Well over half of the desktop applications Hernández examined, for instance, transmitted at least some data—things like balances, portfolios, and personal information—unencrypted.”

58) Dark Reading: IoT Malware Trying to Attack Satellite Systems of Airplanes, Ships

59) Tech Crunch: Hack the planet: vulnerabilities unearthed in satellite systems…

60) eWeek: Black Hat Talk Reveals How Embedded Systems Expose Airlines to Risk

61) CRN: Research Revealed at Black Hat shows Airplane’s SATCOM’s are Hackable

62) Fox 5 Vegas: Airplane hacking explained at Black Hat 2018

63) Wired: A New Pacemaker Hack Puts Malware Directly on the Device

64) eWeek: Car Hackers Discuss What It Takes to Secure Autonomous Vehicles

65) Las Vegas Review-Journal: Black Hat experts in Las Vegas address hacking cars, medical devices

66) The Register: Say what you will about self-driving cars – the security is looking ‘OK’

67) Help Net Security: Vulnerabilities in mPOS devices could lead to fraud and theft

 

Artificial Intelligence

68) Security Intelligence: DeepLocker: How AI Can Power a Stealthy New Breed of Malware

“The security community needs to prepare to face a new level of AI-powered attacks. We can’t, as an industry, simply wait until the attacks are found in the wild to start preparing our defenses. To borrow an analogy from the medical field, we need to examine the virus to create the ‘vaccine.’”

69) The Register: Should I infect this PC, wonders malware. Let me ask my neural net…

70) eWeek: IBM Demonstrates DeepLocker AI Malware at Black Hat

71) MSSP Alert: IBM Demos AI-powered Malware Called DeepLocker: The Implications

72) V3: IBM’s proof-of-concept malware uses AI for spear phishing

73) Reuters: New genre of AI programs take computer hacking to another level

 

Tools and Utilities Promoted Around Black Hat

74) Reddit: Coverage of Blackhat Presentation about Curl-P presentation

75) Dark Reading: Researchers Release Free TRITON/TRISIS Malware Detection Tools

76) Linux Security Expert: Linux security tools (top 100)

Note:  This piece calls out two of our favorites including Suricata (#9) and Bro (#20) and says respectively:

“Suricata can be used as part of a Network Security Monitoring (NSM) ecosystem. You could use it to log HTTP requests, log and store TLS certificates, extract files from flows and store them to disk.”

“Bro helps to perform security monitoring by looking into the network’s activity. It can find suspicious data streams. Based on the data, it alerts, reacts, and integrates with other tools.”

77) eSecurity Planet: Demisto Demonstrates Tool to Validate IOC Detection at Black Hat

78) Medium: Black Hat Arsenal USA 2018 — The w0w lineup

79) CRN: 20 Hot Cybersecurity Products Announced At Black Hat 2018

80) eSecurity Planet: 10 Vendors Making News at Black Hat USA 2018

81) Help Net Security: Researchers open source tools to identify Twitter bots at scale

82) Help Net Security: Bugcrowd University to provide hands-on training for security…

 

Talent, People and Human Interest

83) Channel Partners: How to Hire, Retain More Women Cybersecurity Engineers

“Holtz said much of the research is flawed regarding why women aren’t being hired in technology and are leaving their careers in technology. A common misconception is that women aren’t interested in computers, she said. Also, unequal pay has been overly cited as a reason. ‘If unequal pay is the only problem you have in your organization, you’re very, very lucky,’ she said. ‘Changing a number is a lot easier than changing a culture.’”

84) SC Media: Retaining and promoting women cybersecurity staffers

85) Info Security: Focus on Hiring and Retaining Female Security Employees

86) Info Security: The Value of Skills, Education and Experience in Information Security Hiring

87) Info Security: Companies Encouraged to Adopt Sexual Harassment Policies

88) MSRC: Microsoft’s Top 100 Security Researchers – Black Hat 2018 Edition

89) Dark Reading: White Hat to Black Hat: What Motivates the Switch to Cybercrime

“The average starting salary for an entry-level security pro in the US is $65,578, slightly above the global average of $60,662. Top security professionals in the US make an average of $133,422, the second highest salary among nations surveyed.”

90) Dark Reading: 6 Drivers of Mental and Emotional Stress in Infosec

91) Axios: Mental health is new focus at premier cybersecurity conference

92) Medium: What type of vendors are showing themselves off in the Business Hall?

“…46% of vendors in the hall are indeed VC-backed companies at varying stages of maturity. Privately held companies are a non-trivial segment at 17%, and there are 30 Private Equity-owned companies making up 12% of the hall.”

 

Around and About

93) Help Net Security: Photo gallery: Black Hat USA 2018

94) Las Vegas Review-Journal: Black Hat, with big names and crowds, infiltrates Las Vegas

95) eSecurity Planet: Top 10 Talks to See at Black Hat USA 2018

96) Fifth Domain: 3 storylines to watch during Black Hat 2018

 

 

* * *

We are certain we didn’t capture everything, so if there is an article or blog post you would like to see added, send us a note at media -at- bricata -dot-com and we will consider it.
