This Year’s Experiences Defcon And Black Hat – Chuck Leaver

Written by Michael Vaughn And Presented By Ziften CEO Chuck Leaver

 

These are my experiences from Black Hat 2017. There is a minor addition in approaching this year’s summary. It is really in part due to the style of the opening presentation offered by Facebook’s Chief Security Officer, Alex Stamos. Stamos forecasted the significance of re focusing the security community’s efforts in working better together and diversifying security services.

“Working much better together” is relatively an oxymoron when examining the mass competition among hundreds of security companies fighting for clients throughout Black Hat. Based off Stamos’s messaging during the opening presentation this year, I felt it essential to include some of my experiences from Defcon also. Defcon has actually historically been an occasion for finding out and includes independent hackers and security experts. Last week’s Black Hat style concentrated on the social aspect of how companies ought to get along and genuinely assist others and each other, which has actually constantly been the overlying message of Defcon.

People checked in from all over the world this time:

Jeff Moss, aka ‘Dark Tangent’, the founder of Black Hat and Defcon, likewise wishes that to be the theme: Where you aim to help people gain knowledge and gain from others. Moss desires participants to stay ‘excellent’ and ‘practical’ throughout the conference. That is on par with what Alex Stamos from Facebook conveyed in his keynote about security businesses. Stamos asked that all of us share in the responsibility of assisting those that can not help themselves. He likewise raised another valid point: Are we doing enough in the security industry to truly assist people rather than simply doing it to make cash? Can we attain the objective of truly assisting individuals? As such is the juxtaposition of the 2 occasions. The primary distinctions between Black Hat and Defcon is the more business consistency of Black Hat (from vendor hall to the talks) to the true hacker neighborhood at Defcon, which showcases the innovative side of what is possible.

The organization I work for, Ziften, offers Systems and Security Operations software – offering IT and security teams visibility and control across all end points, on or off a corporate network. We also have a pretty sweet sock game!

Many guests flaunted their Ziften assistance by embellishing previous year Ziften sock styles. Looking great, feeling excellent!

The idea of joining forces to fight against the dark side is something most guests from all over the world embrace, and we are not any different. Here at Ziften, we aim to genuinely help our customers and the community with our solutions. Why provide or depend on an option which is limited to just exactly what’s inside the box? One that provides a single or handful of specific functions? Our software is a platform for combination and offers modular, individualistic security and functional solutions. The whole Ziften group takes the imagination from Defcon, and we push ourselves to attempt and build new, customized functions and forensic tools where standard security companies would shy away from or simply remain taken in by day-to-day tasks.

Delivering all-the-time visibility and control for any asset, anywhere is among Ziften’s main focuses. Our unified systems and security operations (SysSecOps) platform empowers IT and security operations teams to rapidly fix endpoint issues, lower general danger posture, speed hazard response, and boost operations efficiency. Ziften’s secure architecture provides continuous, streaming end point monitoring and historical data collection for enterprises, governments, and managed security providers. And remaining with this year’s Black Hat style of collaborating, Ziften’s partner integrations extend the value of incumbent tools and fill the gaps in between siloed systems.

Journalists are not permitted to take photos of the Defcon crowd, however I am not a journalist and this was prior to getting into a badge needed area:P The Defcon hoards and hooligans (Defcon mega-bosses using red t-shirts) were at a standstill for a strong 20 minutes waiting for initial access to the 4 massive Track meeting rooms on opening day.

The Voting Machine Hacking Village got a lot of attention at the event. It was interesting however absolutely nothing new for veteran attendees. I suppose it takes something noteworthy to amass attention around certain vulnerabilities.? All vulnerabilities for the majority of the talks and especially this town have actually already been revealed to the proper authorities prior to the event. Let us understand if you need assistance locking down one of these (looking at you government folks).

A growing number of personal data is becoming available to the public. For instance, Google & Twitter APIs are easily and publicly available to query user data metrics. This data is making it simpler for hackers to social engineer focused attacks on people and particularly individuals of power and rank, like judges and executives. This presentation titled, Dark Data, demonstrated how a simple yet fantastic de-anonymization algorithm and some data made it possible for these two white hats to recognize individuals with extreme precision and discover really personal details about them. This should make you hesitate about exactly what you have actually set up on your systems and people in your work environment. The majority of the above raw metadata was collected through a popular internet browser add-on. The fine tuning accompanied the algothrim and public APIs. Do you know what internet browser add-ons are operating in your environment? If the response is no, then Ziften can help.

This discussion was plainly about making use of Point-of-Sale systems. Although rather funny, it was a little scary at the speed at which one of the most frequently utilized POS systems could be hacked. This specific POS hardware is most commonly utilized when paying in a taxi. The base operating system is Linux and although on an ARM architecture and safeguarded by tough firmware, why would a company risk leaving the security of consumer credit card details entirely up to the hardware supplier? If you look for additional security on your POS systems, then look no further than Ziften. We secure the most frequently used business operating systems. If you wish to do the enjoyable thing and install the video game Doom on one, I can send you the slide deck.

This guy’s slides were off the charts exceptional. Exactly what wasn’t excellent was how exploitable the MacOS is throughout the setup process of very common applications. Generally each time you install an application on a Mac, it needs the entry of your intensified opportunities. However what if something were to somewhat modify code a moment before you entering your Administrator qualifications? Well, the majority of the time, probably something bad. Anxious about your Mac’s running malware wise sufficient to detect and change code on typical vulnerable applications prior to you or your user base entering qualifications? If so, we at Ziften Technologies can assist.

We help you by not replacing all of your toolset, although we frequently discover ourselves doing just that. Our aim is to utilize the advice and current tools that work from different suppliers, guarantee they are running and installed, guarantee the perscribed hardening is certainly intact, and guarantee your operations and security teams work more efficiently together to attain a tighter security matrix throughout your environment.

Key Takeaways from Black Hat & Defcon 2017:

1) More powerful together

– Alex Stamos’s keynote
– Jeff Moss’s message
– Visitors from around the globe interacting
– Black Hat need to maintain a friendly neighborhood spirit

2) Stronger together with Ziften

– Ziften plays good with other software application vendors

3) Popular existing vulnerabilities Ziften can assist avoid and solve

– Point-of-Sale accessing
– Voting machine tampering
– Escalating MacOS advantages
– Targeted specific attacks

Leave a Reply

Your email address will not be published. Required fields are marked *