10 Black Hat Conference 2022 Sessions To Attend

The annual Black Hat Conference from August 6-11 is in person this year at Mandalay Bay in Las Vegas, Nev., and it’s jam-packed with sessions, briefings, fireside chats, and more.

With so many events to choose from, it can be overwhelming to curate a schedule that provides real insight and value. 

To help with your quest for security knowledge, we’ve hand-selected 10 sessions that you should consider attending.

We’re attending the Black Hat Conference, too, so come say hi to our team at Booth #IC05 in the Innovation City section. Talk to our security experts to grab a free Zelda-themed t-shirt and learn more about our free SIEM with detection and response for Microsoft 365.

10 Black Hat Conference Sessions To Attend  

AAD Joined Machines – The New Lateral Movement | Wednesday, August 10 | 10:20am-11:00am PT 

The evolution of Azure and pass-through authentication, organizations are connecting devices to Azure AD — which means that Kerberos and NTLM are no longer authentication options for those devices. In this talk, Microsoft researcher Mor Rubin will discuss the possibilities of new attack methods, including “pass-the-certificate” attacks.

Elevating Kerberos to the Next Level | Wednesday, August 10 | 10:20am-11:00am PT 

The security risks of Kerberos, one of the primary authentication protocols for Windows, are well-researched when it comes to remote access and lateral movement. In this session, James Forshaw, Security Researcher at Google Project Zero and Nick Landers, Head of Adversarial R&D at NetSPI, will explore the security implications of Kerberos for local access, specifically privilege escalation. 

Trying to Be Everything to Everyone: Let’s Talk About Burnout | Wednesday, August 10 | 1:30pm-2:10pm PT

Burnout is a major concern, especially among cybersecurity professionals that report high stress and long working hours. Healthy habits such as meditation and yoga can help, but this session will dig into the root causes and suggest solutions beyond exercise. Stacy Thayer, Ph.D in Clinical and Organizational/Business Psychology at Norfolk University, will discuss realistic ways to manage anxiety and find motivation, backed by research. 

The Cyber Safety Review Board: Studying Incidents to Drive Systemic Change | Wednesday, August 10 | 1:30pm-2:10pm PT

One of last year’s Black Hat sessions made an argument for why we need a Cyber Safety Review Board; this session will discuss how the board is actually improving the ecosystem. Specifically, members of the board will explain their findings and recommendations about the Log4j exploit, which continues to make an impact over 8 months later.

Real ‘Cyber War’: Espionage, DDoS, Leaks, and Wipers in the Russian Invasion of Ukraine | Wednesday, August 10 | 3:20pm-4:00pm PT 

The Russian invasion of Ukraine involved a variety of cyberattacks, including wiperware, a type of malware that wipes a victim’s data rather than encrypts it. In this session, threat researchers at SentinelOne will discuss seven different types of wiperware that they’ve witnessed since the beginning of 2022, as well as the broader implications of nation-state wipers on modern warfare.

A New Trend for the Blue Team – Using a Practical Symbolic Engine to Detect Evasive Forms of Malware/Ransomware | Wednesday, August 10 | 4:20pm-5:00pm PT

Obfuscated malware and ransomware can evade endpoint detection and response (EDR) tools, often making detection a complex and time-intensive process. The research team at TXOne Networks believes that with a symbolic execution engine, blue teams can detect these forms of malware by parsing through the possible execution paths of the suspected binaries. They’ll present their research in this session that will be exciting for defensive teams everywhere. 

Pre-Stuxnet, Post-Stuxnet: Everything Has Changed, Nothing Has Changed | Thursday, August 11 | 9:00am-10:00am PT

When the malicious worm Stuxnet was first uncovered in 2010, it forced us to recognize how easily critical infrastructure could be attacked. Over 10 years later, Stuxnet continues to make an impact on the cybersecurity community. This session, presented by investigative journalist and author of Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon, will discuss Stuxnet’s impact — with a reminder that threat actors will always use familiar, tried and true tactics.

Charged by an Elephant – An APT Fabricating Evidence to Throw You In Jail | Thursday, August 11 | 3:20pm-4:00pm PT 

When we think of Advanced Persistent Threats (APTs), espionage and financial gain often come to mind as potential incentives. A lesser-known motivation, however, is framing and incarcerating their victims. In this session, SentinelOne researchers will discuss ModifiedElephant, a threat actor that has been operating for over a decade.

The 8th Annual Black Hat USA NOC Report | Thursday, August 11 | 3:20pm-4:00pm PT

Black Hat’s Network Operations Center (NOC) monitors and protects the network at the Black Hat event every year. This highly-anticipated briefing is an opportunity to share what they’ve witnessed in a fun, humorous way — including revealing how cybersecurity pros conduct themselves on public WiFi.

The Journey of Hunting In-the-Wild Windows LPE 0day | Thursday, August 11 | 3:20pm-4:00pm PT

In the beginning of 2020, the DBAPPSecurity team set out to capture a Windows LPE zero-day vulnerability in the wild, and developed a detection method to do so. This session will discuss that method, and how they were able to successfully capture two Windows LPE zero-days and an LPE one-day in the wild. 

Relying On Blumira’s Security Experts

No matter how much you educate yourself on cybersecurity topics, there’s a chance that something will fall through the cracks — especially if you’re on a small team. That’s why it’s important to have a trusted security advisor that you can count on.

Blumira’s threat detection and response solution is accompanied by a security team that not only alerts you about potential threats, but gives you actionable guidance on what to do next. 

Stop by our booth, #IC05, at Black Hat to talk to our security experts and learn about how you can detect and respond to Microsoft 365 threats using our Free Edition. 

Sign Up For Your Free Account Today

Get your free account with Blumira and secure your Microsoft 365 environment in minutes. No credit card required.