This is hacker week. Well, not really that officially, but with Black Hat USA and DefCon happening in Vegas, the biggest collection of black and white hat hackers have come together with experts and companies in the security sector to talk protection, exploits, and hacking. Coming at the conference with a big approach, our threat team has attended sessions all day, taking in the lessons being shared in hopes of continuing our advancement of our threat intelligence.
So coming out of the sessions, I have asked our attending team to share their takeaways of Black Hat 2015 Day 1.
On Internet of Things
Attended the, Intel security presentation on attacking hypervisors through firmware and guest operating systerms. The data they presented verified the work we are doing in the IOT (internet of things) field in bring real time behavior monitoring to industrial endpoints. John Sirianni – Vice President, Strategic Partners, Internet of Things
On Endpoints
Windows updates for drivers can lead to execution of malware. This isvVery interesting, but requires a proxy configured. None the less, I’d love to test this myself. Tyler Moffitt – Senior Threat Research Analyst
On Mobile
With regards to Stagefright, everyone is going to need patches to be 100% safe. But the good news is both Google and Samsung have announced 30-day update schedules, and upates for older devices are looking more and more likely. Google is acknowledging this issue much more than we expected and things are going in a good direction for android security. Cameron Palan – Senior Mobile Threat Research Analyst
On Exploits and Malware
The game over Zeus presentation was great. It was interesting to see the collaboration it took to take the botnet down. The FBI is offering $3 million USD for info leading to the arrest of the main guy they attribute to the botnet. The same guy also wrote CryptoLocker. Brenden Vaughan made a good observation that the same guy is probably behind Poweliks as it came out very shortly after game over was taken offline. Grayson Milbourne – Security Intelligence Director
Direct from the team, there is no mistaking the value of Black Hat and the surrounding events. From revelations to new ideas and concepts, day 1 has been packed with incredible information. We look forward to tomorrow and what it has in store.
If you have any questions for our team, comment below and we will respond with our thoughts and answers.