Black Hat And Defcon Experiences 2017 – Chuck Leaver

Written by Michael Vaughn And Presented By Ziften CEO Chuck Leaver


Here are my experiences from Black Hat 2017. There is a small addition to this year’s summary, due in large part to the theme of the opening presentation given by Facebook’s Chief Security Officer, Alex Stamos. Stamos spoke about the value of refocusing the security community’s efforts on working better together and diversifying security options.

“Working better together” is somewhat of an oxymoron given the intense competition among the hundreds of security businesses fighting for customers at Black Hat. Based on Stamos’s messaging throughout the opening keynote this year, I felt it essential to include a few of my experiences from Defcon too. Defcon has historically been an event for discovery, and it draws independent hackers and security specialists. Last week’s Black Hat theme focused on the social element of how companies should get along and genuinely help others and one another, which has always been the overarching message of Defcon.

Individuals arrived from around the world last week:

Jeff Moss, aka ‘Dark Tangent’, the creator of Black Hat and Defcon, also wishes that to be the theme: you seek to help people gain knowledge and you learn from others. Moss wants attendees to remain ‘excellent’ and ‘valuable’ throughout the conference. That is on par with what Alex Stamos from Facebook conveyed in his keynote about security companies. Stamos asked that we all share in the duty of helping those who cannot help themselves. He also raised another relevant point: Are we doing enough in the security industry to actually help people rather than just doing it to make money? Can we accomplish the objective of truly helping people? Such is the juxtaposition of the two events. The primary difference between Black Hat and Defcon is the more business-like consistency of Black Hat (from vendor hall to the talks) compared with the true hacker community at Defcon, which showcases the innovative side of what is possible.

The company I work for, Ziften, offers Systems and Security Operations software applications – giving IT and security groups visibility and control across all endpoints, on or off a corporate network. We likewise have a quite sweet sock game!

Lots of attendees showed off their Ziften support by wearing previous years’ Ziften sock designs. Looking great, feeling excellent!

The concept of joining forces to fight against the dark side is something most attendees from around the world embrace, and we are no different. Here at Ziften, we make every effort to really help our customers and the community with our solutions. Why offer or rely on a service that is restricted to just what’s inside the box? One that offers a single function or a handful of particular functions? Our software is a platform for integration and offers modular, individualized security and operational solutions. The entire Ziften team takes inspiration from the creativity at Defcon, and we push ourselves to develop new, customized features and forensic tools that standard security companies would avoid building, or would never get to because they stay consumed by everyday tasks.

Providing around-the-clock visibility and control for any asset, anywhere, is one of Ziften’s main focuses. Our combined systems and security operations (SysSecOps) platform empowers IT and security operations teams to rapidly repair endpoint issues, reduce overall risk posture, speed threat response, and improve operational efficiency. Ziften’s secure architecture delivers continuous, streaming endpoint monitoring and historical data collection for enterprises, governments, and managed security service providers. And in keeping with 2017’s Black Hat theme of working together, Ziften’s partner integrations extend the value of incumbent tools and fill the gaps between siloed systems.

Journalists are not allowed to take photos of the Defcon crowd, but I am not the press and this was prior to entering a badge-required area :P The Defcon masses and goons (Defcon mega-bosses wearing red shirts) were at a standstill for a solid twenty minutes awaiting initial access to the 4 huge Track conference rooms on opening day.

The Voting Machine Hacking Village gained a great deal of attention at the event. It was fascinating but nothing brand-new for veteran attendees. I suppose it takes something noteworthy to garner attention around particular vulnerabilities. All vulnerabilities for the majority of the talks, and particularly this village, had already been disclosed to the proper authorities before the event. Let us know if you need help locking down one of these (looking at you, government folks).

More and more personal data is becoming available to the public. For example, Google and Twitter APIs are freely and openly available for querying user data metrics. This data is making it easier for hackers to socially engineer focused attacks on individuals, specifically persons of power and rank such as judges and executives. This presentation, titled Dark Data, demonstrated how a simple yet brilliant de-anonymization algorithm and some data made it possible for these 2 white hats to identify people with extreme precision and reveal very personal details about them. This ought to make you reconsider what you have installed on your systems and on the systems of people in your workplace. Most of the above raw metadata was gathered through a popular browser add-on. The fine-tuning came from the algorithm and public APIs. Do you know which browser add-ons are running in your environment? If the answer is no, then Ziften can assist.

This presentation was clearly about exploiting Point-of-Sale systems. Although quite humorous, it was a little frightening how quickly one of the most commonly used POS systems can be hacked. This specific POS hardware is most commonly used when paying in a taxi. The base operating system is Linux, and although it runs on an ARM architecture and is protected by robust firmware, why would a company risk leaving the security of customer credit card information entirely up to the hardware vendor? If you seek extra protection on your POS systems, then look no further than Ziften. We secure the most commonly used enterprise operating systems. If you wish to do the fun thing and install the video game Doom on one, I can send you the slide deck.

This person’s slides were off the charts excellent. What wasn’t excellent was how exploitable macOS is during the installation process of common applications. Basically, each time you install an application on a Mac, it requires you to enter credentials for escalated privileges. But what if something were to slightly modify code a few seconds before you entered your Administrator credentials? Well, most of the time, probably something bad. Worried about your Macs running malware smart enough to find and alter code in common vulnerable applications before you or your user base enter credentials? If so, we at Ziften Technologies can help.

We assist you without replacing your entire toolset, although we often find ourselves doing just that. Our goal is to use the guidance and existing tools from different vendors that work, ensure they are running and installed, ensure the prescribed hardening is indeed intact, and ensure your operations and security teams work more effectively together to achieve a tighter security matrix throughout your environment.

Key Takeaways from Black Hat & Defcon 2017:

1) Stronger together

– Alex Stamos’s keynote
– Jeff Moss’s message
– Visitors from around the globe collaborating
– Black Hat ought to preserve a friendly community spirit

2) Stronger together with Ziften

– Ziften plays nice with other software vendors

3) Popular current vulnerabilities Ziften can help prevent and resolve

– Point-of-Sale access
– Voting machine tampering
– Escalating macOS privileges
– Targeted attacks on individuals
