
Attacks/Breaches

7/30/2020 12:00 PM
Dan Lowden
Commentary

Black Hat Virtually: An Important Time to Come Together as a Community

The significance of this year's event hasn't changed a whit. It's an opportunity to share what we've learned, and plan how to protect each other and the public for the remainder of the pandemic and beyond.

It's an odd dichotomy for cybersecurity leaders and vendors this summer: Many of us are gearing up for Black Hat USA 2020, long one of the most influential conferences in the industry. But none of us are booking plane tickets, setting aside (just a little bit of) cash for the blackjack tables, or booking dinner meetings at whichever steakhouse doesn't require going out into the Las Vegas heat. Everything is online this year, from the show floor to the breakout sessions to the prospect meetings we're all still scrambling to schedule.

The big challenge for the cybersecurity community this time around is creating the same engagement and enthusiasm for the event that we have when we can all be in the same convention halls, suites, dinner venues, and late-night events at Mandalay Bay. The importance of the event hasn't changed a whit; this is one of the community's best opportunities to come together, share what we've learned in the past months, and plan for how we'll protect each other and the public for the remainder of this pandemic and beyond.

COVID's emergence posed an obvious, real, and ongoing health crisis, but the subsequent efforts to keep businesses up and running with a remote workforce posed a different crisis. The attack surface surrounding the remote worker — especially for businesses that hadn't had robust remote work tooling in place to begin with — is significant. Many businesses had to prioritize new IT and security projects to accommodate new solutions for handling a remote workforce, according to a new report from McKinsey. WIRED wrote of the technical shortcomings schools faced before COVID arrived, which were exacerbated by the abrupt shift to online learning. And for enterprises that had not moved to a fully digital world, the rush to do so — which was an impressive accomplishment, to be sure — opened security gaps that need to be addressed now. At Black Hat virtual, we need to ensure we collaborate to stay protected, because bad actors always follow the money. For instance, DHS and the Cybersecurity and Infrastructure Security Agency published an alert on how threat actors are taking advantage of COVID to put a new face on familiar, classic attack vectors.

What concerns me the most about the moment we're in right now is that the bad actors are getting more sophisticated by the day. The simple attacks don't work as often anymore. I've seen this script numerous times in the course of my career when I look at the work our research teams publish. What worked six months ago may not work now. The only way we can fight back against a more sophisticated opponent is through knowledge-sharing and collective protection, both formal and informal. I'm grateful that the Black Hat community is there to swap war stories of how we've succeeded — and failed — against adversaries. Those conversations, even digitally, will make the difference. Cybersecurity is a team sport.

The conversations that the cybersecurity community will have at this year's Black Hat (and at the subsequent DEF CON) will be instrumental in shaping how we all respond going forward as the world has changed. It's our responsibility, as a security community, to take this digital conference just as seriously as we would take an in-person one. We need to collaborate with the practitioners, decision-makers, and yes, even vendors to work together collectively against attackers.

Looking on the bright side, a digital event will make life infinitely easier for attendees and vendors in a lot of ways. Attendees will be able to participate in virtual one-on-one meetings as well as visit more panels and breakouts than they might have at a traditional physical event, as will vendors. Not to mention, of course, the airfare and hotels. I myself am planning to spend much of my time in virtual meetings with our technical teams and customers, and in our virtual booth, because the conversations you have there are often the most authentic ones in the whole event.

What I will miss the most is directly engaging face-to-face with customers who have become friends, catching up with fellow security leaders, and discovering new ways we can all help the security ecosystem get stronger. I have been impressed by Black Hat's efforts to try to replicate this virtually, as I can't imagine how difficult it is to pull this off in a matter of months, but I'm fully expecting this year's virtual event to be as consequential as any other.


Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.

Dan has more than 20 years of executive-level experience in the technology and cybersecurity markets. He is the CMO at White Ops and has previously worked for large enterprise cybersecurity companies Digital Shadows, Invincea (acquired by Sophos), and vArmour, successfully ...