informa
News

Dark Reading Video News Desk Comes to Black Hat Europe

While attendees join Black Hat Europe 2021 virtually and live in London, we bring you prerecorded interviews from remote offices around the world.

Nov. 10, 2021 — The Dark Reading News Desk has, in past years, come to you live from Black Hat with live video interviews featuring top security researchers who discuss the details of their presentations at the show. But as the world has changed, so too has our News Desk.

The Dark Reading News Desk went virtual at last year's Black Hat USA during the event's first-ever virtual conference, and we kept the format for this year's hybrid event as some attendees traveled to Las Vegas and some joined from home. This week, the virtual News Desk will bring you prerecorded interviews with the security experts presenting at Black Hat Europe 2021, another hybrid event that will be both virtual and live at the ExCel in London.

These interviews will begin going live at Black Hat Virtual and on Dark Reading on Wednesday, Nov. 10, at 11:00AM GMT/6:00AM EST. Black Hat Europe attendees watching remotely can find them under the show's "Dark Reading News Desk" tab. If you don't have a conference pass, you can keep an eye on this page, where videos will be uploaded on Nov. 10 and Nov. 11.

Below is the programming schedule for the 2021 Dark Reading News Desk at Black Hat Europe:

DAY 1: Wednesday, Nov. 10

APTs Telework, Too: Examining Attackers' Use of VPN Exploits: A senior incident response consultant with Mandiant discusses how VPN devices were often targeted as employees relied more heavily on them during the COVID-19 pandemic, as well as attackers behind some of these incidents and why VPN-focused attacks can go undetected (for more details, read Kelly Sheridan's piece on Dark Reading).

Watch now:


There is No Simple Solution for Defeating Magecart:  Researchers found tens of thousands of vulnerable assets vulnerable to Magecart attacks. Dr. Nathanel Gelertner explains why Magecart is such a pervasive threat – and what enterprises can do to defend against it.

Watch now:

Building a New Culture of Research Transparency in Security: Researcher will release a data set that can be used to test machine learning algorithms and establish common benchmarks to foster transparency and open critique.

Researchers Explore the State of Mobile Wallet Security: Mobile wallets are considered by many to be state-of-the-art when it comes to payment security. Researchers explored the world of contactless payments on mobile wallets, and the infrastructure behind them, to reveal consumers may not be as well-protected as they believe (for more details, read Kelly Sheridan's piece on Dark Reading).

Watch now:

How Attackers Can Hack a Smart Building: Researchers use a model smart building to demonstrate what exactly a hacker could do in an attack targeting a smart building via vulnerable TCP/IP implementations in the network, OT, and Internet of Things systems.

Watch now:

Think That Kernel Bug is Low Risk? Think Again: Researchers at Black Hat Europe outline how seemingly low-risk or no-risk kernel bugs can be easily escalated into memory corruption vulnerabilities.

Watch now:



DAY 2: Thursday, Nov. 11

How to Negotiate after a Ransomware Attack: Researchers scrutinize how ransomware gangs decide how much to demand for ransom and how they negotiate with their victims to develop some tips organizations can keep in mind in case of a ransomware infection.

Watch now:

Practical HTTP Header-Smuggling: Sneaking Past Reverse-Proxies to Attack AWS & Beyond: Researcher will provide a free tool to scan Web servers for weaknesses that could allow an attacker to sneak malicious code to back-end servers (for more details, read Kelly Jackson Higgins' piece on Dark Reading).

Watch now:

How Behavioral Psychology Can Build A Stronger Incident Response Team: Incident response teams rely on technical and social skills to succeed, though technical skills are often prioritized at the expense of communication and teamwork development. A comprehensive study of incident response teams has led to the development of a framework organizations can use to apply principles of behavioral psychology to strengthen their teams (for more details, see Kelly Sheridan's piece on Dark Reading).

Watch now:

New 'Glitching' Attack Manipulates Voltage to Hack AMD's Secure Processor: Researchers from Technische Universität Berlin detail an inexpensive hardware attack that allows them to cheat the security features of both AMD's Secure Processor and its Secure Encrypted Virtualization Technology.

Watch now:

Read Between the Lines: Finding Flaws in EPUB Reading Systems: EPUB, the most popular open e-book format, is supported by free applications on many devices. A team of researchers from KU Leuven analyzed EPUB reading applications and physical e-readers to find many applications are not compliant with the security recommendations of the EPUB specification, and malicious e-books could put readers at risk (for more details, see Kelly Sheridan's piece on Dark Reading).

Watch now:

Defending the Open Source Software Supply Chain: Researchers show how they can tamper with lockfiles to hide malicious code in open source contributions to avoid detection during review, and release a tool for blue teams to verify the integrity of the lockfile.

Watch now:

How ChaosDB Compromised Thousands of Azure Databases: It’s the stuff out of every company’s worst security nightmare: A vulnerability in cloud database platform Azure Cosmos DB could potentially be exploited to affect every customer on the same platform. Speakers discuss mitigation and best practices learned for improving cloud services.

Watch now:

Recommended Reading: