Your Guide to Black Hat & BSides 2022

Arraya Insights | September 19, 2022

InfoSec conventions are a great way to learn about the latest in the cyber industry through workshops, presentations, and competitions, in addition to meeting and networking with like-minded people. However, summer is a busy time, and we know not everyone was able to make it to this year’s Black Hat and BSides conventions, which were both held in person in Las Vegas.   

Arraya’s Mike Piekarski, Enterprise Security Architect, and Scott Brion, Director of Cyber Security, attended both conventions and rounded up a summary of the most notable sessions and news to keep you in the loop.  

As you work on your morning coffee, here are key topics you may have missed from this summer’s Black Hat & BSides conventions:  

Black Hat US 2022

Harm Reduction: A Framework for Effective & Compassionate Security Guidance 

Rather than taking an unrealistic all-or-nothing approach to your cyber security, harm reduction focuses on decreasing the negative consequences of high-risk behaviors without requiring abstinence.  

As fully eradicating risk-taking behavior is not possible, this session focused on harm reduction strategies that offer a more pragmatic approach to security that will ultimately be more effective.  

You can review the presentation slides here.

In Need of ‘Pair’ Review: Vulnerable Code Contributions by GitHub Copilot 

GitHub’s tool, Copilot, is an AI-based pair programmer. As most of the code Copilot learned from was written by humans, it contains bugs, outdated coding practices, and insecurities, which makes the code suggestions Copilot generates questionable.

This discussion broke down the various ways in which GitHub Copilot is susceptible to writing vulnerabilities. You can take a look at the presentation slides or the whitepaper here.  

The Cyber Safety Review Board: Studying Incidents to Drive Systemic Change 

This session discussed the Cyber Safety Review Board’s analysis of the Log4j vulnerability and how industries and government can implement the latest recommendations on addressing this vulnerability.  

Among the key recommendations that came out of the CSRB report was the need for a Software Bill of Materials (SBOM), which would give organizations a better understanding of their IT assets. With Log4j, it was difficult for organizations to locate the risks within their own environment.

Smishmash – Text-Based 2FA Spoofing Using OSINT, Phishing Techniques, and a Burner Phone

Due to the recent increase in attacks circumventing text-based 2FA, this session focused on how attackers can gather data from public sources and connect phone numbers used for 2FA to other leaked credentials. Presenters simulated an attack and showed real methods threat actors are using.

You can view the slides from the presentation here.  

Backdooring and Hijacking Azure AD Accounts by Abusing External Identities 

Azure Active Directory’s external identities give external or guest users access to certain resources for collaboration within the organization.  

This discussion went over how external identities work, how these identities can be exploited, and how to harden against these types of attacks.  

The presentation’s slide material is available here or you can read more about this session in this recent article.   

BSides 2022

So You Wanta Build a C2? 

iDigitalFlame took attendees through the process of building their own C2 framework, XMT. This session covered how to build your own networking protocol and defensive evasion with the latest techniques, along with a demo of it in action.

You can watch the entire session here on YouTube.  

Next Steps: Stay at the Forefront of the Cyber Industry 

The cyber industry moves fast, and staying on top of the latest trends, technologies, and techniques isn’t always easy. However, InfoSec or hacking conventions are a great place to share ideas and learn from some of the brightest in the industry.  

To learn more about InfoSec conventions in general, check out our previous blogs: 

To learn more about the Arraya Cyber Team and our cyber security solutions, contact one of our experts today.  

Visit https://www.arrayasolutions.com/contact-us/ to connect with our team now.