It’s that time of year again, when hackers and security professionals begin their annual pilgrimage to tech mecca: DEF CON 26, BSides and Black Hat, affectionately known to industry insiders as “Hacker Summer Camp.” All of us here at ZeroNorth wanted to share our thoughts, advice and predictions on this year’s hot and trendy topics to help you get the most out of the summer camp experience this year.
- Protect your company’s data as well as your own. You ARE at hacker conferences. This is the time of year when most vendors advocate using a “burner phone” and wearing a full Faraday cage underneath your suit jacket. While we think that’s a bit extreme, we can advise you to stay off the public networks, or even better disable wifi altogether. If you can’t do that, please make sure to use a VPN at all times. You won’t be happy if your personal passwords end up on DEF CON’s infamous “Wall of Sheep” or even worse, your employer won’t be happy if their internal network is breached.
- Be prepared to hear about Equifax and Heartland Payment Systems A LOT. The Trustwave SIEM was declared dead in an RSA keynote a few years ago, and this year’s mega-breach lawsuits around Heartland has put the nails in the coffin.
- IoT. Botnets. Don’t act surprised. IoT was a hot topic last year and with no less than four different IoT talks, in conjunction with takedowns of the world’s largest IoT botnets this year, it will be THE hot topic again this year.
- Evil AI. From simple PoC code of Google’s TensorFlow being chained to Metasploit, to nation states applying machine learning to their big datasets, expect to hear about bad actors weaponizing AI and ML.
- X86 bugs. This was the year of hardware side-channel attacks. From Spectre and Meltdown to other speculative side channel attacks, there will be new research presented at Black Hat that will supposedly demonstrate new bugs that lead to privilege escalation. Expect major fallout from this post conference.
The ZeroNorth team will also be attending camp this summer so let us know if you would like to connect before, during or after the fun.