Visit us at McAfee Booth #914
Black Hat is the world’s leading producer of information security events. The flagship conference, Black Hat USA, returns to Las Vegas for its 22nd year with a six day program.
- Aug 3-6: Hands-on, skill-building training (over 70+ courses to choose from)
- Aug 7-8: Main Conference covering ground-breaking research, demos, and the Business Hall (expo)
McAfee Booth #914
Expo Hours
McAfee Booth #914 | ||
---|---|---|
Wednesday, Aug 7, 2019 | 10:00 am – 7:00 pm | Expo Open Reception 5:30 – 7:00 The Welcome Reception is open to all Black Hat pass holders. |
Thursday, Aug 8, 2019 | 10:00 am – 5:00 pm | Expo Open |
McAfee @ Black Hat:
Date and Time | Session | Speaker | Session Abstract |
---|---|---|---|
Tuesday August 6 5:00PM to 5:55PM |
BSides Las Vegas - Underground Track | Anne An, Security Researcher - McAfee | China as the new Russia? Analyzing Similarities and Differences of Chinese Threat Actors from their Russian Counterparts Chinese underground cybercrime profits exceeded US$15.1 billion in 2017, while causing more than $13.3 billion worth of damage relating to data loss, identity theft and fraud. Over the years, Chinese non-state threat actor groups have gradually transformed from small local networks targeting mostly Chinese businesses or citizens to larger and well-organized criminal groups capable of hacking international organizations. The development of commercial-scale exploit toolkits and criminal networks that focus on monetization of malware have amplified the growing risks of cybercrime in the region to include a DDoS attack against the People’s Bank of China in December 2013, $1 billion SWIFT hack against Bangladesh Bank in February 2016, $14 million theft from Far Eastern International Bank in Taiwan in October 2017, to name just a few. How do the increased complexity and scope of attacks by Chinese non-state threat actors signal a new level of cyber threats emanating from China? How do Chinese cybercriminals compare to their Russian counterparts, and are they using a similar playbook? What is the impact on businesses in the Asia Pacific region and around the world? What new challenges do these developments pose against law enforcement agencies as they strive to detect, prevent, and mitigate cyberthreats? |
Wednesday August 7 12:40PM - 1:30PM Business Hall, Theatre B |
Internet of Threats – The Current State of the IoT Device Security | Steve Povolny, Head of Advanced Threat Research - McAfee | It’s tough to name a modern device without an IP address. From smart toasters to industrial control systems, everything comes connected. While we celebrate the automation connectivity brings, we need to reflect on the dangers and whether or not the IoT has kept cybersecurity in mind. |
Thursday, August 8 1:00PM – 1:45 PM DC101, Paris Theatre |
DEF CON Demo: Intro to Embedded Hacking – How you too can find a decade old bug in widely deployed devices. | Philippe Laulheret, Security Researcher – McAfee | From small business to large enterprise, VOIP phones can be found on nearly every desk. But how secure are they? What if your phone was spying on every conversation you have? This talk is an introduction to hardware hacking and as a case study I’ll use the [REDACTED] Deskphone, a device frequently deployed in corporate environments. I’ll use it to introduce the tools and methodology needed to answer these questions. During this talk, attendees will get a close up look at the operations of a hardware hacker, including ARM disassembly, firmware extraction using binwalk, micro-soldering to patch an EEPROM and get a root shell over UART, and ultimately uncover an already known decade-old bug that somehow remained unnoticed in the device’s firmware. Beyond the case study I will also address alternative tactics; some did not work, others may have but were not the lowest-hanging fruit. When it comes to hardware hacking, the process is as important as the result; knowing that there are multiple ways to reach the end goal helps researchers remain confident when hurdles arise. After the talk, attendees will have an increased distrust towards always-on devices; however, they will have the background knowledge to investigate the products and systems they encounter daily. |
Friday, August 9 1:00PM - 1:45PM Track 2 |
DEF CON Demo: HVACking: Understand the Difference Between Security and Reality! | Douglas McKee, Security Researcher – McAfee Mark Bereza, Security Research – McAFee |
Like most modern devices, building controllers have increasingly become network connected, exposing them to a wider range of threats. If malicious actors could manipulate access control systems, boiler rooms, or temperature control for critical industrial systems, the potential for catastrophic damage is extreme. McAfee's ATR team has discovered a 0-day vulnerability in a major building controller. This controller is a fully programmable native BACnet™ device designed to manage a wide range of building systems. By modifying BACnet broadcast traffic, a buffer overflow can be leveraged into a write-what-where (WWW) condition. This WWW leads to execution control, providing the attacker with a root shell and complete control over the device remotely. Because this attack vector is through BACnet broadcast traffic, there is no authentication mechanism for the target device, allowing anyone on the same network to communicate with it directly and exploit the vulnerability without authentication. Currently, there are over 500 of these devices connected to the internet running in BACnet/IP Broadcast Management Device (BBMD) mode. Utilizing this mode, broadcast traffic can travel over the internet, increasing the potentially devastating impact of this vulnerability. This presentation will include a deep technical analysis of the vulnerability discovery process and demos illustrating an attack in a critical scenario. Finally, we will discuss the steps taken by the vendor to patch this vulnerability and demonstrate its effectiveness. |
August 8 – August 11 | ICS Village @ DEF CON | Douglas McKee, Security Researcher – McAfee Mark Bereza, Security Research – McAFee Steve Povolny, Head of Advanced Research - McAfee |
The ICS Village equips industry and policymakers to better defend industrial equipment through experiential awareness, education, and training. McAfee ATR will showcase their working demo of a building controller vulnerability |
Black Hat Newsletter - Interview | Christiaan Beek, Lead Scientist and Sr. Principal Engineer – McAfee | https://www.blackhat.com/sponsor-interview/05302019.html |
McAfee Demo Stations: 4 Total
Endpoint Protection Platform / MVISION EDR
- McAfee® MVISION ePO™
- McAfee® MVISION Endpoint
- McAfee® MVISION Mobile
- McAfee® MVISION EDR
- Supercharging Security Orchestration/Automation Using DXL Integrations
- Cloud Security that Accelerates Business
- Device to Cloud Web and Data Protection
McAfee Theatre Schedule
Wednesday, August 7, 2019 | |||
---|---|---|---|
Time | Presentation | Presenter/s | Presentation Title |
10:00am - 10:15am | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
Ted Pan, Product Marketing Engineer | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
10:30am - 10:45am | Digital Defense | Sanjay Raja, Senior Director Strategic Technical Partnerships | How to augment your endpoint protection w/ agentless threat sweeping |
11:00am - 11:15am | Cloud | Nick Shelly, SE, McAfee | IaaS Security Breakdown |
11:30am - 11:45 | Menlo Security | Lennart van den Ende, VP SE Menlo Security | A New Approach to Malware Prevention - Don't Detect, Isolate |
12:00pm - 12:15pm | Cloud | Maka Guerrero, Sr. Security Engineer, Pacific Dental Services | Cloud Security Q&A |
12:30pm - 12:45 | CISCO | Brian Gonsalves, CISCO, Sr. Manager, Product Mgmt & Business Dev. | Cisco ISE and McAfee Endpoint Orchestration Use Cases |
1:00pm - 1:15pm | DB Cybertech | Dave Rosenberg, CTO, Products, and co-founder for DB Cybertech | Next Generation Predictive Security Solutions |
1:30pm | Raffle | Paul Traynor | |
2:00pm - 2:15pm | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
Ted Pan, Product Marketing Engineer | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
2:30pm - 2:45 | BeyondTrust | Brian Chappell, Sr. Manager, Product Management & Business Devevelopment | Check Your Privilege: BeyondTrust & McAfee ePolicy Orchestrator |
3:00pm - 3:15pm | Cloud | Maurice Stebila, CISO, Harman | Cloud Security Q&A |
3:30pm - 3:45 | Seclore | Andrew Johnson, VP, Business and Corporate Development | Discover and Automatically Protect Sensitive Files – with McAfee & Seclore |
4:00pm - 4:15pm | Device-to-Cloud Data and Web Protection | Tarun Mann, Enterprise Technology Specialist | Device-to-Cloud Data and Web Protection |
4:30pm - 4:45pm | Raffle | Paul Traynor | |
5:00pm - 5:15pm | Cloud | Brooke Noelke, Cloud Architect, McAfee | McAfee’s Cloud Security Journey |
5:30pm - 5:45pm | Indegy | Joel Silberman, Indegy & Mark Mastrangeli, McAfee | Convergence of IT/OT Networks |
6:00pm - 6:15pm | Cloud | Nick Shelly, SE, McAfee | IaaS Security Breakdown |
6:30pm - 6:45pm | Device-to-Cloud Data and Web Protection | George Bivens, Product Marketing Engineer | Device-to-Cloud Data and Web Protection |
6:45pm - 7:00pm | Raffle | Paul Traynor | |
Thursday, August 8, 2019 | |||
Time | Presentation | Presenter/s | Presentation Title |
10:00am - 10:15am | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
Ted Pan, Product Marketing Engineer | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
10:30am - 10:45am | IBM | Dan Schofield, IBM Security Technology Alliances | Security & McAfee: Responding to Threats Faster |
11:00am - 11:15am | Device-to-Cloud Data and Web Protection | Tarun Mann, Enterprise Technology Specialist | Device-to-Cloud Data and Web Protection |
11:30am - 11:45 | Swimlane | Mike Mitchell, Director, Sales Architecture and Engineering | SOAR for the Suite: McAfee and Swimlane |
12:00pm - 12:15pm | Raffle | Paul Traynor | |
12:30pm - 12:45 | Cloud | Maurice Stebila, CISO, Harman | Cloud Security Q&A |
1:00pm - 1:15pm | ThreatQuotient | Christian Galladora, Threat Intelligence Engineer | "Taking the Right Actions Faster: Enhanced Threat Intelligence in McAfee Deployments", and will be based off of the white paper on https://www.threatq.com/integrations/mcafee/. |
1:30pm - 1:45pm | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
Ted Pan, Product Marketing Engineer | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
2:00pm - 2:15pm | ServiceNow | Natasha Gupta | Automating Malware Playbooks with ServiceNow and McAfee |
2:30pm - 2:45pm | Raffle | Paul Traynor | |
3:00pm - 3:15pm | Device-to-Cloud Data and Web Protection | George Bivens, Product Marketing Engineer | Device-to-Cloud Data and Web Protection |
3:30pm - 3:45pm | CheckPoint | Jason Min | Network and Endpoint Automation Through Intelligence Sharing |
4:00pm - 4:15pm | Cloud | Brooke Noelke, Cloud Architect, McAfee | McAfee’s Cloud Security Journey |
4:30pm - 4:45pm | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
Ted Pan, Product Marketing Engineer | MVISION ePO™
MVISION Endpoint MVISION Mobile MVISION EDR |
4:45pm - 5:00pm | Capture the Flag Winner / Raffle | Paul Traynor |