We hope you enjoyed the first day of our BlueHat briefings and the Bytes of BlueHat reception in our glamping tent (complete with toasted marshmallows). Yesterday, we learned a lot about how XboxOne hardware security has advanced the state of hardware security elsewhere, we heard some surprising correlations between vuln severity, age, and time to fix, and we saw applications for machine learning for malware detection—as well as some of the attack surface for machine learning and how to protect it. And that’s just a sample: the day was full and we’re looking forward to doing it again today.
Please join us for breakfast at the Showbox SoDo when the doors open at 8:30. At 9:30, we’ll start the day with opening remarks from David Weston, Partner Director of OS security at Microsoft and responsible for the Offensive Security Research Team.
The rest of the day will be our single track of sessions from both Microsoft and our industry partners. Talks will run the gamut of attack vectors and defenses that concern us most today. For a sample, we’ll discuss identity attacks, review what has gone well and what hasn’t in incident response, explore attacks on networking infrastructure, demystify some binary analysis techniques, and probe software timer security. We’ll end the sessions by exploring the attack surface of the Remote Desktop Protocol, including a demo of the BlueKeep exploit.
| Time | Speaker | Session |
|---|---|---|
| 9:35AM - 10:20AM | Dirk-jan Mollema | I’m in your cloud: A year of hacking Azure AD |
| 10:25AM - 11:10AM | John-Luke Peck (CI Security) | Autopsies of Recent DFIR Investigations |
| 11:15AM - 12:00PM | Yueqiang Cheng (Baidu USA) | Aion Attacks: Exposing SGX Software Timers |
| 1:00PM - 1:45PM | Elvis Collado (Exodus Intelligence) | Don’t forget to SUBSCRIBE. |
| 1:50PM - 2:35PM | Jordan Wiens and Peter LaFosse (Vector 35, Inc) | Modern Binary Analysis with ILs |
| 3:05PM - 3:50PM | Tao Yan (Palo Alto Networks) | Pool Fengshui in Windows RDP Vulnerability Exploitation |
| 3:50PM - 4:00PM | Kymberlee Price (Microsoft) | Closing Remarks |
We’ll have a break for lunch (served at the venue) and a 30-minute break in the afternoon, and after we close we will have a happy hour for all our attendees.
Finally, thank you all so much for supporting a food drive for Northwest Harvest SoDo, a local non-profit food bank! The response has been amazing. For the second day, we will have a box at the ShowBox to accept donations of shelf-stable food and diapers.
It’s going to be a great day for BlueHat Seattle. See you soon!