Black Hat 2018: Prepare to bite back against hackers

July 24, 20184 minute read

Select article text below to share directly to Twitter!

Dismiss

Black Hat USA, the leading information security event in the world, turns 21 this year, and it’ll be celebrating its coming of age at the Mandalay Bay Convention Center in Las Vegas, Nevada with an expected 17,500 guests.

Black Hat 2018 begins with four days of technical trainings (August 4–7), followed by the two-day main conference (August 8–9), which will feature briefings, a packed business hall, and more—all with the goal of defining and defending tomorrow’s infosec landscape.

As you attend trainings and lectures, you’ll be jostling amid hackers on both sides of the fence—malicious (black hat) and ethical (white hat)—along with a gaggle of researchers and security professionals planning to walk away with tricks for gaining the upper hand in today’s rapidly expanding online war zone.

Learn how to fight off hackers with the best in security

Last year, the overarching theme of Black Hat 2017 focused on cyber risk and heightening security awareness. At Black Hat 2018, equipped with the knowledge that hackers are out there and hungry for your data, you can learn exactly what you can do to fight back against them.

Code poets and researchers at the edge of the cybersphere will guide you through the hacker’s underworld, touching on everything from open-source tools to zero-day exploits. Keynote speaker, Google’s Parisa Tabriz, will outline the steps necessary for improving security in complex IT landscapes. Other security superstars will lay out the most pressing problems and their potential solutions across the public and private sectors.

The agenda is packed, but here’s a flash of topics likely to stir buzz on the floor and over the net:

  1. Cathal Smyth, machine learning researcher at Royal Bank of Canada, and Clare Gollnick, CTO of Terbium Labs, will discuss ways to combat credit card fraud. By combining intelligence gathered from online sources—such as the dark web—with transactional data, the pair will demonstrate how machine learning can identify who the next fraud victims will be and where card data will be stolen from—all before any fraudulent transactions have occurred.
  2. In “Last Call for SATCOM Security,” Ruben Santamarta, an expert at cybersecurity company IOActive, will divulge how some of the world’s largest airlines had their entire fleets accessible from the internet, exposing hundreds of in-flight aircraft. The speaker will demonstrate how compromised SATCOM devices can be turned into radio-frequency weapons, as well.
  3. Michael Howard and Jason O’Keefe, senior security advisors at HP, will discuss the folly of investing millions in protecting laptops and servers while overlooking endpoint security. As the breadth of IoT technology expands, organizations will need to contend with protecting all those connected devices. However, IoT devices can also provide data intelligence that can detect unknown threats to your network, even if the devices have closed firmware. The speakers will explore how to use data analytics alongside a proven framework to strengthen endpoint security for all devices—not just the obvious ones. You can catch this briefing on Wednesday, August 8, from 11:30 a.m. to 12:20 p.m. in Oceanside E.
  4. Lookout security researchers Andrew Blaich and Michael Flossman will unveil the new capabilities of a nation-state actor who’s been observed deploying surveillance tooling, known as Stealth Mango and Tangelo, to both Android and iOS devices. This hacker has already compromised the devices of government officials and military personnel in several countries. This session will reveal what researchers know about these campaigns and what operational security lapses on the part of government officials led to their success.
  5. In the session, “SirenJack: Cracking a ‘Secure’ Emergency Warning Siren System,” presented by Balint Seeber, director of vulnerability research at Bastille, attendees will learn how the SirenJack vulnerability affected radio-controlled emergency warning systems. With a $30 handheld radio and a laptop, a bad actor can set off all sirens in a deployment, triggering false alarms at will due to custom digital radio protocol that doesn’t have encryption in its vulnerable deployments.

Take advantage of the conference perks

Along with fascinating briefings, part of the fun of Black Hat is sniffing out the latest security cyberware, exchanging cards, and filling your gift bags with swag. Take advantage of the Business Hall to see what new tools are on the market, head to Arsenal sessions to view live demos of innovative defenses, and network with fellow experts to share tips and tricks.

When you’re ready for a break, visit HP’s Recharge Lounge, the primary destination to charge your devices, check up on work, and relax. It’s the perfect setting to chat with a security expert about topics, like IoT security, print vulnerabilities, and how to work analytics and a proven framework into your endpoint security plan.

Stay up to date on the hottest issues

If you plan to attend Black Hat 2018, enjoy the unique experience of talking shop and building skills alongside heroes and scoundrels. If you can’t make it, though, don’t worry. Tektonika will have post-conference highlights from our team on the ground for you to read. As in the past, you’ll find stories about some of the hottest security issues covered at the conference.

With major breaches hitting the headlines regularly, your business needs to be savvy about locking the back door and applying effective security solutions. Black Hat 2018 is sure to offer thought-provoking strategies to help you defang cyber villains.

Are you planning to attend Black Hat this year? Before packing for the geek-chic festival, check out these conference survival tips to prepare for the mind-blowing stuff coming your way. When you arrive at the Las Vegas airport, seek out HP Brand Ambassadors during their active hours in baggage claim for a free ride to your conference hotel—and skip waiting for a taxi in the heat of the desert.

To stay in the loop about the latest in security, click “subscribe” at the top of the page, and come back in August to check out the highlights from this year’s conference.

  • Recommended for you
  • Recommended for You