7/7/2023 0 Comments Hacker conventionThe state reintroduced a mask mandate for indoor events on Friday. Defcon is happening at the worst possible time, some worry: cases are creeping back up in Nevada, as they are across the US, even as restrictions remain lax. But for many, the belated awareness that America, too, was at risk from the Delta variant that had seen cases skyrocket in India and the UK was the final straw. But the conference is trying its best, adding a “real mask” mandate (no bandanas or face shields) and requiring proof of vaccination. The conference is the only place I’ve ever heard volunteers refer to the “3-2-1 rule” – that is, three hours of sleep a night, two meals a day, and please, for everyone’s sake, one shower. But as the date of the event drew closer, and it became increasingly clear that the pandemic would not be over by August, a growing number of American attendees also reconsidered their decision to travel to Las Vegas.ĭefcon and hygiene don’t normally go together. The initial justification was less about Covid per se, and more about the difficulty for international travellers: travel to the US is banned from a host of countries, including most of Europe and China. This year, in prescient forward planning, the organisers announced the event would take place in a “hybrid” fashion, streaming live online as well as in-person in Las Vegas. Despite being one of the oldest, and the largest, hacker conventions in the world, it had always been a resolutely in-person affair until the coronavirus pandemic saw events cancelled globally and forced it online. For another, there’s waves arms all this still going on.ĭEF CON (alright, Defcon, the official styling is giving me a headache) had planned for the occasion. For one thing, I now have a four-month-old daughter at home, helpfully making the choice for me as to whether or not I travel to conferences in distant nations. Well done Black Hat community and looking forward to the next 25 years of awareness, improvements, and fighting the “good” fight.This year is not, of course, a normal year. With every passing day, more of our lives become increasingly digital, meaning that security research and the sharing of information are some of the most important endeavors that the industry needs today. The Black Hat security convention helps the industry maintain a report card and maintain its visibility into a world that is constantly evolving on both sides, emerging with new threats and new ideas that define the state of cybersecurity. While the most famous hacks evoke technical wizardry and craftiness, many count on social hacks, physical circumventions, and basic deception. Still Going StrongĬyber threats are everybody’s problem. The evolution and improvements may prove to be a worthy roadmap for private industries to follow. Executive initiatives have expanded their way into governments across the globe, with improvements in process, communications, and awareness of events and threats throughout the various subjects. This security feature promises to secure systems by providing a special pre-launch configuration of secured drivers that prevents unauthorized malware from embedding itself into a system.Ī considerably hot topic was the ongoing improvements in security posture in the world of government agencies. Among the numerous points of vendor presence and new technologies, one of the major announcements was an emerging feature in the omnipresent Windows operating system. The ease of this attack is a bit of a jaw-dropper! Industry Evolution and Best Practicesĭefensive evolution got its moments in the spotlight. Named “Rollback,” this novel attack leveraged nearly instant compromise to defeat vehicle security systems using old key fob commands and replaying them. With all of this evolution in play, issues from the realm of the Internet of Things (IoT) also emerged, including a new time-agnostic replay attack demonstrated against Remote Vehicle Keyless Entry Systems. There is a continuously expanding universe of devices and services surround us. While technically better than nothing, the demonstrations showed how using SMS in the MFA application is one of the weakest ways of deploying MFA due to authoritative vulnerabilities that comes from SMS itself. Multi-factor authentication gained focused attention as sessions went through the best methods, and some of the riskiest ways of implementing this popular security tool. From Multifactor Authentication to the Emergence of IoT Threats
0 Comments
Leave a Reply. |