blackhat conference

Another year, another Black Hat.

The massive security conference in Las Vegas draws the best hackers from around the world to speak about what they do best—breaking everything. Here is a list of our top five most-anticipated talks. What are yours?

Black Hat USA is a major attraction for the InfoSec community and certainly one of the big events the Praetorian team anticipates each year. To unleash some of our pent-up excitement, we are sharing our countdown for the top five most-anticipated talks at Black Hat USA 2014.

Countdown to Black Hat 2014: Most-anticipated Talks

5. The State of Incident Response

It’s no surprise that Bruce Schneier, the internationally renowned security technologist, is back at Black Hat USA in 2014. This year his talk focuses on the big business of incident response—the last of the protection-detection-response triad to get any real attention. Bruce will take a critical look at today’s incident response landscape by exploring the economic and psychological forces that affect it as both a business and a technical activity.

Today, many organizations live with the understanding that breaches are inevitable. This understanding has caused many security vendors to shift attention away from signature-based detection toward alternative response-based approaches, which leverage indications of compromise to guide future protection and detection activities. FireEye’s $1B acquisition of one of the biggest players in the space, Mandiant, is a clear signal of this security market shift.

But can incident response save the day? Attending this talk may help you better answer that question. We are certainly looking forward to it.

4. VoIP Wars: Attack of the Cisco Phones

Fatih Ozavci will present his Viproy Penetration Testing Kit, which he claims allows pen testers to attack Cisco VoIP services with ease. Ozavci will highlight the kit’s modules used to test trust hacking issues, signaling attacks against SIP services and Skinny services, gaining unauthorized access, call spoofing, brute-forcing VoIP accounts and debugging services using man-in-the-middle attacks. The presentation contains live demonstrations of practical VoIP attacks and usage of new Viproy modules.

Why are we interested? Easy. Breaking down vulnerabilities associated with Cisco VoIP services seems practical and fun.

3. Abusing Microsoft Kerberos: Sorry You Guys Don’t Get It

Alva Duckwall and Benjamin Delpy’s talk promises to challenge all assumptions about Kerberos, which is used to handle authentication requests in Microsoft Active Directory by default. They will argue that, with the loss of the right hash, Kerberos can be completely compromised for years after an attacker achieves Domain Admin. Considering Delpy authored the popular Windows security audit tool Mimikatz, the audience is bound to walk away having learned something interesting.

At Praetorian, we are certainly familiar with achieving Domain Admin. Any technique we can add to our toolkit gets us pumped.

2. A Survey of Remote Automotive Attack Surfaces

Tesla’s Model S API has given us something new and exciting to break, while propelling automotive penetration testing into the foreground. In their talk, Charlie Miller and Chris Valasek go beyond the Tesla API to look at a variety of automotive vulnerabilities. Recognizing that research has only been presented on three or four particular vehicles, Miller and Valasek will argue that each vehicle manufacturer designs fleets differently; therefore, analysis of remote threats must avoid generalities.

The talk will leave audience members asking questions like: Are some cars more secure from remote compromise than others? Has automotive network security changed for the better (or worse) in the last five years? What does the future of automotive security hold, and how can we protect our vehicles from attack moving forward?

The $10,000 Tesla Bug Bounty was beat in less than three days. That is only the beginning of these brand-new and dangerous exploits.

1. Secure Because Math: … Machine Learning-Based Monitoring

Alex Pinto’s talk focuses on applications (and non-applications) of machine learning in the information security space. Machine learning shows promise of being a part of a very powerful toolbox, though Pinto will argue that not every tool can be applied to every problem, and that’s where the pitfalls lie. Through his presentation, he will describe different techniques available for data analysis and machine learning for information security, while discussing various strengths and caveats.

Machine learning is an interesting field that very few of us at Praetorian have a formal background in. Seeing new research on the topic is bound to be exciting.

Recap of our TOP 5 most-anticipated talks at Black Hat USA 2014

  1. Secure Because Math: A Deep Dive on Machine Learning-Based Monitoring
  2. A Survey of Remote Automotive Attack Surfaces
  3. Abusing Microsoft Kerberos: Sorry You Guys Don’t Get It
  4. VoIP Wars: Attack of the Cisco Phones
  5. The State of Incident Response

What are you most looking forward to? Let us know below…