Videos

Sharing the Mic in Cyber. A Day of Allyship and Action

The #STMIC campaign was launched 2 years ago by Camille Stewart and Lauren Zabierek with the goal of pairing Black security practitioners with cyber allies to amplify their profiles and voices. Now in its fifth iteration, #STMIC 2022 goes beyond allyship and calls the industry to action! Join us as we highlight ways everyone can create space and share the mic all year round.

Securing Your In-Ear-Fitness Coach: Challenges in Hardening Next Generation Wearables

In our presentation, we talk about the security and privacy research that went into designing and developing Radar Pace, including a custom Security Development Lifecycle (SDL) that accounted for the three “branches” of the program: wearable, phone and the cloud. We present examples of vulnerabilities and privacy problems associated with such new classes of products.

The Path Less Traveled: Abusing Kubernetes Defaults

Kubernetes is a container orchestration framework that is increasingly used in the enterprise and elsewhere. While the industry is starting to pay some attention to Kubernetes security, there are many attack paths that aren’t well documented and are rarely discussed. This lack of information can make your clusters vulnerable.

Defeating Attackers with Preventative Security

Endpoint detection and response faces many challenges, even as most practitioners deploy some kind of EDR solution. For example, many solutions don’t integrate data from other sources, provide low-quality data, and are too complex to be effective. In this SANS video, SANS Institute instructor Jake Williams and McAfee’s Ismael Valenzuela will examine how EDR has evolved into not just alerting on suspicious things but also helping you investigate and respond effectively. They will also talk about use cases for evaluating EDR solutions.

Driving Cyber Resiliency of IoT Devices with Active Management & Cyber Hygiene

Michael Howard, Head of WW Security Practice at HP Inc., and Dr. Kimberlee Brannock, Senior Security Advisor at HP Inc., provide a closer look at the challenges IoT devices present in a security environment and the clear need for good cyber hygiene. The HP Inc. duo also shares some valuable insights from the framework they have applied to 100s of client print security assessments.

Black Hat Asia 2019 Keynote: The Next Arms Race

The Internet is not supposed to have borders, but it does. Countries fight and spy on each other on the Internet every day. So, borders still exist on the Internet, and almost all countries are investing in offensive use of cyber power. The new weapons they are developing are different from any other kind of weapon we’ve ever seen, and we are now seeing the very beginning of the next arms race.

Finding and Decoding Malicious Powershell Scripts – SANS DFIR Summit 2018

Malicious PowerShell scripts are becoming the tool of choice for attackers. Although sometimes referred to as “fileless malware”, they can leave behind forensic artifacts for examiners to find. In this presentation, learn how to locate and identify the activity of these malicious PowerShell scripts. Once located, these PowerShell scripts may contain several layers of obfuscation that need to be decoded. I will walk through how to decode them, as well as some light malware analysis on any embedded shellcode. I will also demonstrate how to use an open source Python script to automate the process once you have discovered the MO of the attacker in your case.

Black Hat USA 2018 Keynote: Parisa Tabriz

This talk offers guiding advice that we as security practitioners and leaders must embrace in order to succeed. Drawing on her experiences leading some of the biggest, ongoing security efforts that aim to make technology safer for all users, Parisa will first share how throwing out the rule book on vulnerability disclosure has been moving giants of the software industry toward measurably faster patching and end-user security. Next, she will share how a grassroots side project grew to shift the majority of the web ecosystem to secure transport, nearly 25 years after the technology was first made available. Finally, she will review the major effort to implement an intern’s publication in one of today’s largest open source projects, and how they persevered for 5+ years of refactoring, avoiding efforts to defund the work along the way. (Coincidentally, this project helped the world’s most popular browser mitigate a new class of hardware vulnerabilities earlier this year!)

Business Email Compromise; Office 365 Making Sense of All the Noise

Office 365, or O365, has made online applications easier for businesses of all sizes. It has also created a significant attack vector that attackers have been exploiting for years to the tune of BILLIONS a year. Business Email Compromise, or BEC, is the name given to these types of email-based attacks that have cost businesses over $12 billion and show little sign of slowing down. It's time we turn the tables. In this webcast, we will examine how and why O365 has become such a successful attack vector. Specifically, we are going to examine examples of spoofed and fraudulent emails and how the attackers work to understand the flow of money within your organization. We will also look at attacker infrastructure and examine sample code that they use to pilfer credentials from your organization.