BlackHat 2013 - Top 5 things Grayson is looking forward to at the event

  • 30 July 2013
  • 2 replies

Userlevel 6
Grayson Milbourne and I will be at BlackHat in Las Vegas tomorrow, and I thought I would share the top things he is looking forward to while attending the conference.  Are you going to be attending as well?  Let us know and we would love to meet up and say hi.  Not able to attend?  Head over to and let us know what you would like to know more about and we will ask the right questions to get you all the information we can.
Be sure to follow Grayson and I on Twitter (@RCMelick /@GMilbourne) to keep updated with our daily activities.
One of #5things I am looking forward to at #BlackHat - 'Million Browser Botnet' presentation by @Whitehatsec
— Grayson Milbourne (@gmilbourne) July 29, 2013
Two of #5things I am looking forward to at #BlackHat - 'Pixel Perfect Timing Attacks with HTML5' by Paul Stone
— Grayson Milbourne (@gmilbourne) July 29, 2013
Three of #5things I am looking forward to at #BlackHat - '#Android: One root to own them all' by Jeff Forristal from @BlueBox
— Grayson Milbourne (@gmilbourne) July 29, 2013
Four of #5things I am looking forward to at #BlackHat - 'SSL, Gone in 30 seconds" by Angelo Prado & Neal Harris & Yoel Gluck
— Grayson Milbourne (@gmilbourne) July 29, 2013
Five of #5things I am looking forward to at #BlackHat - Meeting all the great #threat #researchers and #bloggers attending the event.
— Grayson Milbourne (@gmilbourne) July 29, 2013

2 replies

Userlevel 6
I thought I would give everyone an update on our time here at BlackHat.  So far, the event has been a solid mixture of new and old exploits, along with some interesting social observations especially surrounding the keynote speaker, General Alexander of the NSA.  While I will not go into the political conversation surrounding his role and the controversy, I will say that even among the room full of blackhat hackers, the General was confident in delivery and receptive to even some of the most colorful of language.    You can find an article on the presentation on ArsTechnica -
After the keynote was the start of the presentations.  The first few that Grayson and I attended were well rounded and presentations of new ways to analyze and research malware, which was great to see as it shows some advancements in technology that will allow endpoints and networks to become even more protected.  A few tools presented were open source in nature, and utilized social forums focusing on code building to fill in the blanks of samples presented to it's system, thus building a bigger picture of the code data being researched.  It is very interesting to see the lines between social communication and threat research blur.
The presentation we attended before lunch was the most exciting, and probably the most filled out of all of them.  Put on by White Hat Security, it was a demonstration of how ad networks could be used to manipulate browsers to become drive by slaves to a code.  It was interesting to see how something so simple could turn a browser into a drone that is technically doing exactly what it is supposed to do as a program.  Watching the code in action raised more than a few eyebrows in the room as everyone was drawn into the presentation and data.  EWeek has aleady produced an article covering the full speech, which I feel best highlights the data. Link:
So what should users do today to protect themselves? There aren't too many options, but there are a few. Johanson suggests the browser users make use of browser extensions to control what's running. Two tools in particular are NoScript and Request Policy, which explicitly ask the user if they want to enable a script to run and make an external site request. 
This afternoon, Grayson was able to attend a conversation on the practical attack of MDM (mobile) solutions, which focused quite a bit on what happens when a mobile device is left unsecured and is accessed physically by an individual looking to exploit the data.  Grayson has provided a few notes that I would like to highlight below, but the end result coming out of the presentation was that in security is key on mobile devices, and that password protection and encryption (if available) are just additional layers that need to be activated alongside mobile antivirus such as Webroot SecureAnywhere, especially in a BYOD environment.
  • Spyware apps are most dangerous based on the obvious, such as mic recording, gps, sms, data on the device
  • iOS accounted for 33% of incidences of spyphone detections
  • Gartner predicts in the next 5 years, 65% of enterprises will use a MDM solution
  • Layered approach - OS hardening (custom ROM), detection (reroute mobile traffic through NG firewalls), Prevention (whitelist only)
That is it for today everyone.  We have met some great people, including some amazing independent threat researchers, and will continue on tomorrow for a whole slew of other great presentations, including one on the dangers of rogue iOS charging devices.
If you have any questions from the posted information, or any other news you have read about BlackHat, be sure to post below so we can answer them.
Userlevel 7
Black Hat is over, but if you weren't able to attend in person, the fun has only just begun.  Black Hat has the entire archive of all white papers, presentations, source, and videos compiled here.  And it's huge!  This should be enough to keep interested parties busy for weeks.  Enjoy!