10 Hot Sessions at Black Hat Europe 2016Top-Flight Information Security Conference Decamps to London
The annual Black Hat Europe information security conference gets underway again this week.
Seeking more space, the conference - now in its 16th year - decamps from Amsterdam to London for the first time, setting up shop at the city's Business Design Center.
Organizers are expecting more than 1,500 attendees and have booked more than 65 speakers to present 40 research-based briefings, as selected by the Black Hat Review Board, composed of 23 leading information security experts.
Topics to be covered range from ransomware and threat intelligence to targeted attacks and how to hack secure boot.
Another 30 briefings are also scheduled for the Business Hall, wherein vendors will be delivering everything from a deep dive into the Cerber ransomware-as-a-service gang and threat hunting to using machine learning and the growth of commoditized malware.
Where to begin? Here are 10 especially good-looking briefings:
- Detecting Mobile-Targeting Ransomware (Thursday, 10:00): Only 10 ransomware families currently target mobile devices, say researchers Federico Maggi of Trend Micro and Stefano Zanero of Politecnico di Milano. They promise to detail new techniques for how related attack code can be spotted.
- Mobile Espionage Malware (Thursday, 12:30): Lookout Mobile Security researchers Max Bazaliy, Seth Hardy and Andrew Blaich will offer a technical teardown of Pegasys "lawful intercept" spyware to detail its technical features as well as "how this espionage software utilizes remote jailbreaks and backdoors to embed itself into the device," plus related defensive recommendations.
- More Qualcomm Chipset Flaws (Thursday, 16:00): Adam Donenfeld of Check Point Software Technologies will detail multiple brand-new, zero-day, privilege escalation vulnerabilities in Qualcomm chipsets, dubbed "Qualaroot," following on the heels of his firm's previous Quadrooter vulnerability research.
- Waging "Offensive Cyber Defense" (Thursday, 16:00): Microsoft's Tal Be'ery and Itai Grady argue that defenders need to adopt more of the techniques being used against them by attackers, including wielding Kerberos error injection as a defense against certain types of attacks and using internal network reconnaissance against attackers to identify them.
- Unraveling "Ego Markets" (Friday, 9:30): Click farms and Gameover Zeus botnets are being used to supply fake followers. GoSecure researchers Masarah Paquet-Clouston and Olivier Bilodeau will detail new insights into how one such large-scale botnet, known as Linux/Moose 2.0, supports this "criminal market for social media fraud," as well as just what that market entails.
- Suborning Belkin Home Automation Devices (Friday, 9:30): Joe Tanen and Scott Tenaglia of Invincea Labs found flaws in Belkin IoT devices - and related Android apps - that could be used to root devices, run arbitrary code on paired smartphones as well as use the devices to launch distributed denial-of-service attacks without having to first root the device.
- OAuth 2.0 Mayhem (Friday, 12:00): Ronghai Yang and Wing Cheong Lau - both hailing from the Chinese University of Hong Kong - say they have discovered a brand-new flaw in how OAuth 2.0 - for single sign-on - is being used by nearly half of all mobile apps they tested, which could allow attackers to sign into a victim's account without any user interaction. Billions of apps are reportedly at risk.
- Quantum-Proof Crypto (Friday, 14:00): Cryptographers continue to double down on quantum-resistant cryptography. Jennifer Fernick, a cryptography and security researcher at the Institute for Quantum Computing and the Center for Applied Cryptographic Research at Canada's University of Waterloo, promises to round up related issues as well as to "demonstrate the world's first open-source library offering a full range of secure implementations of quantum-safe cryptographic algorithms."
- Top Web Attack Payloads (Friday, 15:30): When attackers exploit vulnerabilities such as Shellshock and ImageTragick, they typically do so to launch exploit-code payloads at targets. But which types of payloads are most prevalent? John Graham-Cumming of CloudFlare will share payload-related information that's been spotted by his DDoS defense firm.
- Black Hat Locknote (Friday, 16:15): The annual and always insightful closing keynote presentation features Black Hat founder Jeff Moss, as well as three members of the Black Hat Review Board. This year, Sharon Conheady, Daniel Cuthbert and Chris Wysopal join Moss to discuss key takeaways from the conference.
With everything on offer this year, the above is just my starting point. What are your top picks?