The annual Black Hat Conference from July 31 to August 5 is in person this year at Mandalay Bay in Las Vegas, Nev., and it’s jam-packed with sessions, briefings, fireside chats, and more.
With so many events to choose from, it can be overwhelming to curate a schedule that provides real insight and value.
To help with your quest for security knowledge, we’ve hand-selected 10 sessions that you should consider adding to your schedule.
We’re attending the Black Hat Conference, too, so come say hi to our team at Booth #IC90 in the Innovation City section. Talk to our security experts to earn a PrintNightmare free t-shirt and get more information on how we can add value to your organization.
10 Black Hat Conference Sessions To Attend
How to Stay Ahead of the Curve in the Ransomware Crisis | Wednesday, August 4 | 8-8:15 AM PT (Virtual)
Ransomware has developed into a national security threat, and simply being aware of its existence is no longer enough. In this session, Matthew Warner, CTO and Co-Founder of Blumira, will explain the current threat landscape, and then delve into the suspicious activity to detect at each stage in the ransomware kill chain.
Diving Into Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer | Wednesday, August 4 | 2:30-3 PM PT (Virtual)
In this highly-awaited session, the researchers that discovered the Print Spooler vulnerability will share their research. Sangfor’s Zhiniang Peng, Principal Security Researcher, along with XueFeng Li and Lewis Lee, Security Researchers, will provide context to PrintNightmare, detailing the global impact of the Stuxnet and explaining how they were able to bypass Microsoft’s patches.
The Case for a National Cybersecurity Safety Board | Wednesday, August 4 | 2:30-3 PM PT (Virtual)
In May, the Biden Administration issued an executive order that included a plan to create a national cybersecurity safety board. In this presentation Scott Shackelford, Chair of the IU Cybersecurity Program and Christopher Hart, Former Chairman of the National Transportation Safety Board will expand on their Wall Street Journal article We Urgently Need a NTSB for Cybersecurity, discussing the technical, political and administrative challenges of a cybersecurity safety board in practice.
Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild | Wednesday, August 4 | 3:20-4 PM PT (Virtual) | Thursday August 5 | 1:30-2:10 PM (Lagoon FL)
The popularity of Microsoft 365 has piqued the interest of advanced nation-state backed threat actors, who are increasingly investing in unique methods to access the cloud. In this session, Doug Bienstock and Josh Madeley, Manager of Professional Services at Mandiant, will break down these observed techniques and help prepare organizations that run Microsoft 365.
Detection and Response: The Next Generation | Wednesday, August 4 | 3:40-4:10 PM PT (Virtual)
XDR, MDR, NDR — it’s hard to keep track of all the acronyms within the cybersecurity market. In this session, Tim Wilson, co-founder and editor-in-chief of Dark Reading, along with security experts Al Huger, Vice President and General Manager of Security Platform and Response, Cisco, Eric Parizo, Principal Analyst, Security Operations, Omdia Research and Jake Williams, President and Founder of Rendition Infosec, will give objective advice about how these emerging technologies work in real-life environments.
“How Ready Are You for the Worst Case Scenario?” Fireside Chat With ServiceNow CISO and CRO on Cross-Org Prep, Planning, and Response to Crises | Thursday, August 5 | 10-10:40 AM PT (Virtual)
Major cyberattacks like those on Colonial Pipeline, SolarWinds, and Kaseya are forcing executive boards to ask, “What if that happens to us?” This fireside chat with ServiceNow’s Andrew Wheatley, VP of Audit, Risk and Assurance, Ben de Bont, CISO, and Syra Arif, Manager, Solution Consulting, Integrated Risk Management will examine executional challenges of dealing with an event. They’ll also discuss some tabletop exercises that will help attendees to practice decision-making.
Incredible Email Hacks You’d Never Expect | Thursday, August 5 | 11:20-11:40 AM PT (Virtual)
Phishing was the most common type of cybercrime in 2020, according to the FBI, and it continues to be a popular attack vector for ransomware. This session with Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, will delve into the social engineering techniques that hackers use, as well as actionable steps that you can take to defend against them.
Cloud Pen Test 101 | Thursday, August 5 | 11:50 AM-12:10 PM PT (Virtual)
Companies that move into the cloud aren’t always aware of their attack surface after migrating. This session with Optiv’s Daniel Min, Technical Manager, Attack and Penetration and Robert Surace, Security Consultant, Attack and Penetration will address the attack surfaces of each ‘big three’ cloud provider (GCP, Azure and AWS) and explain pentesting methodology.
ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server! | Thursday, August 5 | 3:20-4:00 PM PT (Virtual)
This session is likely to be a popular one as Orange Tsai of DEVCORE (the researcher that helped discover the ProxyLogon Exchange vulnerability) will analyze 7 vulnerabilities that chain into 3 attack vectors (ProxyLogon, ProxyShell and ProxyOracle). He’ll provide hardening actions to mitigate similar zero-days in Exchange, which will be incredibly useful for future use.
The Kitten that Charmed Me: The 9 Lives of a Nation State Attacker | Wednesday, August 4 | 1:30-2:10 PM PT (Virtual) | Thursday August 5 | 3:20-4:00 PM (Lagoon HI)
Last year, the IBM X-Force Intel team investigated a state-sponsored threat group ITG18 AKA “Charming Kitten” that targeted pivotal individuals involved in COVID vaccine development, politicians, scientists, and journalists and gained access to their personal data. This session, led by threat analysts Allison Wikoff and Richard Emerson, is sure to be a fascinating one as they tell the story of ITG18’s operations.
Relying On Blumira’s Security Experts
No matter how much you educate yourself on cybersecurity topics, there’s a chance that something will fall through the cracks — especially if you’re on a small team. That’s why it’s important to have a trusted security advisor that you can count on.
Blumira’s threat detection and response solution is accompanied by a security team that not only alerts you about potential threats, but gives you actionable guidance on what to do next.
Stop by our Booth, #IC90, at Black Hat to talk to our security experts and see how our security solution can provide real value (and get the best t-shirt at the show).
Want to make sure you don’t forget? Book time with the Blumira team: