With everything in the world lately seeming to reach end states faster - sometimes referred to as the "super cycle" or accelerationism - cybersecurity professionals must help their organizations "organize to operate," said Black Hat Europe conference founder Jeff Moss at this year's annual event.
Black Hat Europe returns to London with more than 45 keynotes and briefings tackling everything from bootloader bugs and flaws in artificial intelligence and large language model tools, to disrupting fake online brokerages and remotely hacking Volkswagen entertainment systems to track vehicles.
Welcome to Information Security Media Group's Black Hat and DEF CON 2024 Compendium, featuring the latest insights from the industry's top cybersecurity researchers and ethical hackers, as well as perspectives from CEOs, CISOs and government officials on the latest trends in cybersecurity and AI.
Network detection and response delivers ground truth in cybersecurity, giving organizations crucial visibility into attacker behavior before, during and after ransomware attacks. Corelight CEO Brian Dye explains how NDR helps security teams verify threats and contain incidents effectively.
SquareX founder Vivek Ramachandran discusses the limitations of secure web gateways, focusing on their inability to handle dynamic, script-based attacks. He emphasizes the need for browser-native security products that offer real-time protection against evolving web threats.
A U.S. strategy for cybersecurity seeks to move responsibility for cybersecurity from individual users to large tech companies. Researchers Alex O'Neill and Lachlan Price explain the global implications of this shift and how corporations such as Google and Microsoft are taking the lead.
Dating apps collect and sell user location data, leading to significant privacy risks. Users are vulnerable to stalking, harassment and even prosecution in certain countries, says Victor Le Pochat, postdoctoral researcher at KU Leuven. Pochat and Dhont called for improved data protection measures.
AI's influence on social engineering and election security has become a focal point at Black Hat. ISMG editors discuss how advanced technologies are making it easier to manipulate people and compromise security systems and offer key insights on machine learning vulnerabilities.
Artificial intelligence, much like when the internet became public, is simultaneously the most overhyped and underhyped technology in history, said Sam Curry, vice president and CISO at Zscaler. Its application in cyber defense is still evolving.
Cybercriminals are exploiting emergency data requests to obtain sensitive personal information from service providers and social media companies, says Jacob Larsen, team lead of security testing and assurance at CyberCX. This flaw in verification protocols puts user privacy at risk.
SafeBreach security researcher Alon Leviev discusses how downgrade attacks expose vulnerabilities in Windows systems. He shares insights into how attackers manipulate Windows Update processes and stresses the importance of monitoring and securing critical system components to prevent exploitation.
SSH is designed for secure communications, but common misconfigurations significantly expose systems to threats, according to Rob King, director of security research at runZero. King discusses the implications of these vulnerabilities, citing real-world breaches and best practices for SSH security.
Russian hackers have been leveraging unpatched vulnerabilities to exploit networks for more than 20 months. Michael Sikorski, VP of threat intelligence at Palo Alto Networks, shares insights on ransomware gangs, AI's role in attacks and the importance of defense-in-depth strategies for organizations.
AI systems acting autonomously bring risks of large-scale mistakes that current human defenses can't match, says Matt Turek, deputy director at DARPA. He discusses AI agents, adversarial attacks and the need for provable AI safety in both offensive and defensive capacities.
The SolarWinds case has intensified legal risks for CISOs. A judge validated the SEC's theory of intentional securities fraud against Tim Brown, SolarWinds' CISO, marking the first time a federal court accepted this theory against a CISO, said Jess Nall, partner at Baker McKenzie.