7 Sessions You Shouldn’t Miss at Black Hat USA 2022

Next week, the Nucleus team is off to Las Vegas for one of the biggest Cybersecurity conferences of the year, Black Hat USA 2022. 

This multi-day event brings together some of the top professionals in the security industry across public and private sectors, and for years it has been one of the best events of the year for security professionals to connect with one another and learn about the current and future state of the industry. 

This year, not only will Nucleus be attending the event as an exclusive Innovation Center exhibitor, but we will also be covering top moments of the conference on our blog and social media accounts, including on-the-ground interviews with industry leaders and recaps of the most notable industry sessions. 

Here’s a quick overview of the not-to-be-missed Black Hat sessions that are on our radar for next week. If you’re attending the conference, be sure to add these to your schedule (and say hello if you see us in our Nucleus swag). Not going to be in Vegas? No worries – follow Nucleus on LinkedIn and Twitter to catch our top live takeaways and insights from these notable sessions. 

A Fully Trained Jedi, You Are Not 

Date: Wednesday, August 10 | 11:20am-12:00pm (Mandalay Bay GH – Level 2) 

Many organizations are trying to integrate security into their development processes earlier and earlier, and it’s important that software and operations engineers fully understand the learning behind this move in order to build more secure systems. During this session, Adam Shostack, President of Shostack & Associates, will offer knowledge scaffolding and tiered approaches to learning (including takeaways on the structure and tools needed to get there) so that engineers can have fewer recurring problems that are trivially attackable. 

In Need of ‘Pair’ Review: Vulnerable Code Contributions by GitHub Copilot 

Date: Wednesday, August 10 | 1:30pm-2:10pm (South Seas CD – Level 3) 

GitHub recently announced their ‘Copilot’ tool – an ‘AI-based Pair Programmer’ that has been trained over vast quantities of open-source GitHub code. However, what many people don’t realize is that, because humans wrote most of that code, it is only natural that it has human-made bugs, outdated coding practices, and maybe even repositories that contain dangerously insecure code. Therefore, is it reasonable to suggest that the code will also generate unreliable code? This talk will explore just that. 

(Long) Dragon Tails – Measuring Dependence on International Vulnerability Research 

Date: Wednesday, August 10 | 2:30pm-3:00pm (Islander FG – Level 1) 

The Chinese research community is pretty well known for its security prowesses, from bug discovery exploits at the Tianfu Cup to prominent research labs like Qihoo 360. However, recent laws passed that give the Chinese government early access to the community’s discoveries have many people demanding a more thorough accounting. This session aims to address the implications of these laws for infosec, as well as the wider policy environment, including selected recommendations on how to address the ‘supply shock’ of vulnerabilities from this research community. 

RCE-as-a-Service: Lessons Learned from 5 Years of Real-World CI/CD Pipeline Compromise 

Date: Wednesday, August 10 | 3:20pm-4:00pm (Lagoon HI – Level 2) 

CI/CD pipelines are some of the most dangerous potential attack surfaces of software supply chains. In this session, you’ll be getting a deep dive look into the why, including the sorts of technologies frequently encountered in these attacks, how they’re used, and why they are usually the most valued targets in your company’s infrastructure. The session will also be sharing key defensive takeaways that you can immediately apply to your own development environments. 

“No Mr. Cyber Threat!” – A Psychological Approach To Managing the Fail-to-Challenge Vulnerability 

Date: Thursday, August 11 | 1:30pm-2:10pm (Lagoon KL -Level 2) 

If an individual walked into your workplace with a neon t-shirt that said “CHALLENGE ME” across their chest, would you classify them as a potential threat for engineering risky behaviors, like using employee laptops or plugging in unauthorized USB devices? Someone like this would just be asking to get caught, right? Enter: the “Malicious Floorwalker,” an exercise designed to spot and manage human vulnerabilities, rather than just uncovering them, by putting people at the heart of their own story around challenging a threat. This session will give an overview of this helpful exercise so you can better manage the fail-to-challenge vulnerability across your organization. 

Process Injection: Breaking All macOS Security Layers With a Single Vulnerability 

Date: Thursday, August 11 | 10:20am-11:00am (South Seas CD – Level 3) 

CVE-2021-30873 is a process injection vulnerability reported to Apple that affected all macOS applications, but before they can completely fix this vulnerability, changes will need to be made to all third-party applications, as well. This session will not only be walking through what a process injection vulnerability is and how it critically impacts macOS, but also the details behind this vulnerability, including the techniques developed to exploit insecure deserialization in macOS.  

The 8th Annual Black Hat USA NOC Report 

Date: Thursday, August 11 | 3:20pm-4:00pm (Mandalay Bay GH – Level 2) 

Last, but not least, the Black Hat NOC is back again this year to share all of the data that keeps them both puzzled and entertained year after year as a result of their NOC report. As usual, they’ll be sharing some of the more humorous network activity they have seen and what they have learned about the way security professionals conduct themselves on an open WiFi network. They’llk also be sharing the tools and techniques they are using to set up, stabilize, and secure their network, and what improvements and changes they have made over the course of the year.