Top Black Hat USA Sessions for Qualys Customers
Black Hat USA is known for cutting-edge security research, and this year’s conference is no different. If you’re a Qualys customer, here are some Black Hat sessions we think you’ll find relevant.
Next-Gen DFIR: Mass Exploits & Supplier Compromise
An investigation of real “next-gen” digital forensics and incident response cases like SolarWinds, and how to adapt your response processes to meet today’s global threats
Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild
How sophisticated attacks use novel ways to access the cloud, especially Microsoft 365, where more and more organizations are collaborating and storing some of their most confidential data
Generating YARA Rules by Classifying Malicious Byte Sequences
An interpretable machine learning model for malware detection built with a few hundred YARA rules that can generate signatures optimized for detection with minimal false positives
Fixing a Memory Forensics Blind Spot: Linux Kernel Tracing
New memory forensic techniques that can analyze the Linux kernel’s tracing infrastructure and report on potential abuses that currently go undetected
Breaking the Isolation: Cross-Account AWS Vulnerabilities
How an attacker could manipulate various services in AWS and cause them to perform actions on other clients’ resources due to unsafe identity policies used by AWS services to access clients’ resources
IPvSeeYou: Exploiting Leaked Identifiers in IPv6 for Street-Level Geolocation
An internet-scale IPv6 router discovery technique that uses a data fusion attack against residential home routers running IPv6 to discover and precisely geolocate millions of home routers deployed in the wild across the world
MFA-ing the Un-MFA-ble: Protecting Auth Systems’ Core Secrets
A new technical approach to securing auth systems’ golden secrets like private keys for SAML and how to break them into multiple less precious secrets in a fully backward-compatible manner for better security
Zerologon: From Zero to Domain Admin by Exploiting a Crypto Bug
An investigation of the different exploit steps of the Zerologon attack discovered during research on Netlogon cryptography and how exactly Microsoft’s patch mitigates it
Siamese Neural Networks for Detecting Brand Impersonation
A Siamese neural network trained to detect brand impersonation (where a malicious user crafts content to look like a known brand to deceive a user into entering sensitive information) that outperforms a baseline image hashing algorithm on a held-out training set
Bridging Security Infrastructure Between the Data Center and AWS Lambda
A workload identity architected in AWS Lambda that shares identity between the data center and cloud services to create secure infrastructure between the two
Deepfake Social Engineering: Creating a Framework for Synthetic Media Social Engineering
Easy-to-implement, human-centric countermeasures against deepfake social media, e.g. when scammers impersonate executives via synthetic audio in vishing attacks to convince employees to wire funds to unauthorized accounts
How I Used a JSON Deserialization 0day to Steal Your Money on the Blockchain
Analysis of an attack that achieved remote code execution on the blockchain nodes through a vulnerability in an open source JSON parser and a reminder to blockchain developers and users to be careful about security
Securing Open Source Software – End-to-End, at Massive Scale, Together
Key lessons learned in our experience coordinating the industry-wide remediation of some of the most impactful vulnerabilities ever disclosed, including Heartbleed, Shellshock, Rowhammer, and BlueZ
ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!
An investigation of a new attack surface based on a significant change in Exchange Server 2013 that has unparalleled impact not only as the basis of critical vulnerabilities such as ProxyLogon but also as a new paradigm in vulnerability research
Plus Some Non-Research Sessions
Don’t neglect the people aspect of building effective security teams and processes!
The Ripple Effect: Building a Diverse Security Research Team
What manager doesn’t need to know more about how to create a more inclusive environment that also improves R&D team atmosphere and deliverables?
Legal Pitfalls to Avoid in Security Incidents
The lawyer’s role in a security incident and real-world client examples of how lawyers work together with information security professionals
Whoops, I Accidentally Helped Start the Offensive Intel Branch of a Foreign Intel Service
And this last one just sounds too interesting! It also looks like it will be a good source of insights into how state actors and other sophisticated organizations plan and launch attacks.
Join Us Online at Black Hat USA 2021
We are excited to see you virtually at Black Hat on August 4-5! Schedule a meeting with a Qualys security expert, watch best practices and research sessions, and learn how to get more security with Qualys.
Unfortunately, in light of CDC guidance on the COVID-19 Delta variant and out of concern for the safety of Qualys employees, Black Hat attendees, and residents of Las Vegas, Qualys has made the tough decision to forgo our in-person presence at Black Hat USA 2021. We were very much looking forward to being at the event in person and will continue to support it through our virtual presence.