Top Talks We're Excited For at Black Hat 2017

Black Hat presentations represent some of the highest quality, most cutting-edge research in the security community. The bar for Black Hat talks is higher than at other popular information security conferences, and as such, some of the most interesting things you'll hear all year in the infosec community come out of Vegas.

The ZeroFOX Research team will be presenting a slew of our own research, which you can check out here, but we wanted to highlight the presentations we’re most excited about attending.

In no particular order…


Session Title: Hacking Serverless Runtime: Profiling AWS Lambda, Azure Functions, and More
Presenter: Andrew Krug & Graham Jones
Time: Wednesday, July 26, 1:30pm-2:20pm
Location: Jasmine Ballroom
Why We're Excited: This is a great example of a fairly new technology being run through the security gauntlet. We always like to see how cutting-edge tech can be made better by the security industry, and we hope this talk does precisely that.


Session Title: Datacenter Orchestration Security and Insecurity: Assessing Kubernetes, Mesos, and Docker at Scale
Presenter: Dino Dai Zovi
Time: Thursday, July 27, 9:45am-10:35am
Location: South Seas CDF
Why We're Excited: Once again, this is a talk that pits exciting new tech against some of security's best minds. This is what we love about security: finding weaknesses in the systems we use every day and making them better.


Session Title: Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game
Presenter: Kelly Shortridge
Time: Wednesday, July 26 2:40pm-3:30pm
Location: Mandalay Bay GH
Why We’re Excited:
This presentation promises an interesting twist on the purely theoretical game-theory models that have traditionally been viewed as the underpinning of computer security. Expect experimentally testable results describing how attackers and defenders actually interact. Like Daniel Kahneman did for economics, perhaps Kelly can bring some human realities to the foundational assumptions of our industry.


Session Title: Practical Tips for Defending Web Applications in the Age of DevOps
Presenter: Zane Lackey
Time: Thursday, July 27th, 11am-11:50am
Location: Lagoon DEFJKL
Why We’re Excited:
The Secure Software Development Lifecycle (SSDLC) has been a staple of any well-established engineering team for over a decade, but even the pros are having problems adapting to the influx of new tools that keep emerging as part of the DevOps revolution. In this talk we look forward to hearing some common SSDLC lessons learned when integrating Agile, DevOps, and CI/CD into a web application development stack. We're also excited to see whether the advice generalizes to the multitude of organizations trying to secure these facets of their engineering daily.


Session Title: OCHKO123 – How the Feds Caught Russian Mega-Carder Roman Seleznev
Presenters: Harold Chun and Norman Barbosa
Time: Wednesday, July 26, 4:00pm-4:50pm
Location: Mandalay Bay AB
Why We’re Excited:
There was a time when Black Hat/DEF CON was the last place you'd find members of the federal government. This year we get an interesting opportunity to peer into the minds of two senior government officials credited with tracking down and stopping some of the cybercrime we hear so much about. We're looking forward to a detailed breakdown of the tactics used, along with the legal complexities that are usually left out of Black Hat talks.


Session Title: Game of Chromes: Owning the Web with Zombie Chrome Extensions
Presenter: Tomer Cohen
Time: Thursday, July 27, 12:10pm-1:00pm
Location: Lagoon ABCGHI
Why We’re Excited:
From troll factories to misinformation machines to follower farms to nonsense spammers to political censors to sex scams to Star Wars quote generators, botnets have earned quite the reputation on social media. They come in all shapes and sizes, display different behaviors and strive toward different end goals. In this talk, we're excited to hear what Tomer has to say about the Facebook-based botnet attack his company fended off earlier this year. He'll describe how he was able to apply similar tactics to distribute malicious payloads and "create the web's most powerful botnet ever". We're excited to see how bot distribution via social login relates to the type of bot activity we've observed in our own research. Lastly, the timing of the GoT reference in the title isn't lost on us either, as we eagerly await the next episode of Season 7. A Lannister always pays his bots?


Session Title: How We Created the First SHA-1 Collision and What It Means for Hash Security
Presenter: Elie Bursztein
Time: Wednesday, July 26, 1:30pm-2:20pm
Location: South Seas CDF
Why We’re Excited:
Many companies (including social networks!) use SHA-1 digests to identify and deduplicate content. Git, and therefore GitHub, uses a SHA-1 digest as the unique id of every commit and file object. A practical collision means an attacker who crafts two different documents with the same digest can get a malicious one accepted wherever the benign one was already trusted, and automated processes that key on the digest won't detect the swap. Note the limit of the attack: this is a collision, not a second-preimage attack, so it does not let an attacker match the digest of an existing file they did not craft. We're looking forward to seeing how quickly this attack vector will become feasible for malicious actors and what is being done to proactively defend against it.
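To make the failure mode concrete, here is an added example (our own illustration, not code from the talk or from Git/GitHub) of an automated gate that trusts content by digest alone. A real SHA-1 collision costs on the order of 2^63 SHA-1 computations and cannot be reproduced inline, so the block stands in a hypothetical `weak_digest` (SHA-1 truncated to 24 bits) for the broken hash and finds a colliding pair with a birthday search; the "benign" and "malicious" documents and the `DigestApprovalList` gate are constructed for the example. The same gate keyed on SHA-256 rejects the swapped document. `git_blob_id` shows how Git derives an object id from a type/length header plus content, which is why a colliding blob would receive the same id.

```python
import hashlib


def git_blob_id(content: bytes) -> str:
    """SHA-1 object id Git assigns to a blob: sha1(b"blob <len>\\0" + content).
    Commits and trees are hashed the same way with their own type header."""
    return hashlib.sha1(b"blob %d\x00" % len(content) + content).hexdigest()


def weak_digest(content: bytes) -> str:
    """Hypothetical stand-in for a broken hash: SHA-1 truncated to 24 bits.
    Truncation lets a birthday search collide it in a few thousand tries so the
    digest-keyed failure mode can be shown offline; a real SHA-1 collision
    (SHAttered) took roughly 2^63 SHA-1 computations."""
    return hashlib.sha1(content).hexdigest()[:6]


def sha256_digest(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


def find_collision(benign_prefix: bytes, malicious_prefix: bytes, digest, limit=1_000_000):
    """Birthday search: append a varying comment line to each document until a
    benign variant and a malicious variant share a digest. Returns (benign, malicious)."""
    benign_seen, malicious_seen = {}, {}
    for i in range(limit):
        b = benign_prefix + b"\n%% nonce %d\n" % i
        m = malicious_prefix + b"\n%% nonce %d\n" % i
        db = digest(b)
        benign_seen[db] = b
        dm = digest(m)
        if dm in benign_seen:          # new malicious doc matches some benign doc
            return benign_seen[dm], m
        if db in malicious_seen:       # new benign doc matches some earlier malicious doc
            return b, malicious_seen[db]
        malicious_seen[dm] = m
    raise RuntimeError("no collision within limit")


class DigestApprovalList:
    """Automated gate that records the digest of reviewed content and later
    trusts anything with a matching digest (the pattern a collision defeats)."""

    def __init__(self, digest):
        self.digest = digest
        self.approved = set()

    def approve(self, content: bytes) -> None:
        self.approved.add(self.digest(content))

    def is_approved(self, content: bytes) -> bool:
        return self.digest(content) in self.approved


def demo() -> dict:
    # Constructed sample documents: the reviewer sees and approves the benign one.
    benign_prefix = b"%PDF-1.4\n% contract: pay 100 USD to ACME"
    malicious_prefix = b"%PDF-1.4\n% contract: pay 1000000 USD to ACME"
    benign, malicious = find_collision(benign_prefix, malicious_prefix, weak_digest)

    weak_gate = DigestApprovalList(weak_digest)
    weak_gate.approve(benign)
    strong_gate = DigestApprovalList(sha256_digest)
    strong_gate.approve(benign)

    return {
        "docs_differ": benign != malicious,
        "weak_digests_equal": weak_digest(benign) == weak_digest(malicious),
        "weak_gate_accepts_malicious": weak_gate.is_approved(malicious),
        "sha256_gate_accepts_malicious": strong_gate.is_approved(malicious),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The important design point is the one the talk exposes: the gate never re-reads the content, it trusts the digest, so any collision turns a review of the benign document into approval of the malicious one. Swapping in an unbroken hash (SHA-256 here) closes that particular hole; the gate's logic is otherwise unchanged.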