Black Hat 2019

Black Hat (USA) 2019 | Las Vegas | August 3 - 8 | Mandalay Bay

 

Visit us at McAfee Booth #914

Black Hat is the world’s leading producer of information security events. The flagship conference, Black Hat USA, returns to Las Vegas for its 22nd year with a six day program.

  • Aug 3-6: Hands-on, skill-building training (over 70+ courses to choose from)
  • Aug 7-8: Main Conference covering ground-breaking research, demos, and the Business Hall (expo)

Quick Links:

 

McAfee Booth #914

Black Hat 2019 Map

 

Expo Hours

McAfee Booth #914
Wednesday, Aug 7, 2019 10:00 am – 7:00 pm Expo Open
Reception 5:30 – 7:00
The Welcome Reception is open to all Black Hat pass holders.
Thursday, Aug 8, 2019 10:00 am – 5:00 pm Expo Open

 

 

McAfee @ Black Hat:

Date and Time Session Speaker Session Abstract
Tuesday August 6
5:00PM to 5:55PM
BSides Las Vegas - Underground Track Anne An, Security Researcher - McAfee

China as the new Russia? Analyzing Similarities and Differences of Chinese Threat Actors from their Russian Counterparts

Chinese underground cybercrime profits exceeded US$15.1 billion in 2017, while causing more than $13.3 billion worth of damage relating to data loss, identity theft and fraud. Over the years, Chinese non-state threat actor groups have gradually transformed from small local networks targeting mostly Chinese businesses or citizens to larger and well-organized criminal groups capable of hacking international organizations. The development of commercial-scale exploit toolkits and criminal networks that focus on monetization of malware have amplified the growing risks of cybercrime in the region to include a DDoS attack against the People’s Bank of China in December 2013, $1 billion SWIFT hack against Bangladesh Bank in February 2016, $14 million theft from Far Eastern International Bank in Taiwan in October 2017, to name just a few. How do the increased complexity and scope of attacks by Chinese non-state threat actors signal a new level of cyber threats emanating from China? How do Chinese cybercriminals compare to their Russian counterparts, and are they using a similar playbook? What is the impact on businesses in the Asia Pacific region and around the world? What new challenges do these developments pose against law enforcement agencies as they strive to detect, prevent, and mitigate cyberthreats?

Wednesday August 7
12:40PM - 1:30PM
Business Hall, Theatre B
Internet of Threats – The Current State of the IoT Device Security Steve Povolny, Head of Advanced Threat Research - McAfee

It’s tough to name a modern device without an IP address. From smart toasters to industrial control systems, everything comes connected. While we celebrate the automation connectivity brings, we need to reflect on the dangers and whether or not the IoT has kept cybersecurity in mind.
Spoiler Alert: It hasn’t

Hacking a coffee pot may not seem like a significant event. For a cybercriminal, however a connected device is often the easiest entry point to a network. This talk will feature real demos of compromised devices using zero-day vulnerabilities and cover the corresponding impact of exploitation in consumer and enterprise environments.
Thursday, August 8
1:00PM – 1:45 PM
DC101, Paris Theatre
DEF CON Demo: Intro to Embedded Hacking – How you too can find a decade old bug in widely deployed devices. Philippe Laulheret, Security Researcher – McAfee From small business to large enterprise, VOIP phones can be found on nearly every desk. But how secure are they? What if your phone was spying on every conversation you have? This talk is an introduction to hardware hacking and as a case study I’ll use the [REDACTED] Deskphone, a device frequently deployed in corporate environments. I’ll use it to introduce the tools and methodology needed to answer these questions. During this talk, attendees will get a close up look at the operations of a hardware hacker, including ARM disassembly, firmware extraction using binwalk, micro-soldering to patch an EEPROM and get a root shell over UART, and ultimately uncover an already known decade-old bug that somehow remained unnoticed in the device’s firmware. Beyond the case study I will also address alternative tactics; some did not work, others may have but were not the lowest-hanging fruit. When it comes to hardware hacking, the process is as important as the result; knowing that there are multiple ways to reach the end goal helps researchers remain confident when hurdles arise. After the talk, attendees will have an increased distrust towards always-on devices; however, they will have the background knowledge to investigate the products and systems they encounter daily.
Friday, August 9
1:00PM - 1:45PM
Track 2
DEF CON Demo: HVACking: Understand the Difference Between Security and Reality! Douglas McKee, Security Researcher – McAfee
Mark Bereza, Security Research – McAFee
Like most modern devices, building controllers have increasingly become network connected, exposing them to a wider range of threats. If malicious actors could manipulate access control systems, boiler rooms, or temperature control for critical industrial systems, the potential for catastrophic damage is extreme. McAfee's ATR team has discovered a 0-day vulnerability in a major building controller. This controller is a fully programmable native BACnet™ device designed to manage a wide range of building systems. By modifying BACnet broadcast traffic, a buffer overflow can be leveraged into a write-what-where (WWW) condition. This WWW leads to execution control, providing the attacker with a root shell and complete control over the device remotely. Because this attack vector is through BACnet broadcast traffic, there is no authentication mechanism for the target device, allowing anyone on the same network to communicate with it directly and exploit the vulnerability without authentication. Currently, there are over 500 of these devices connected to the internet running in BACnet/IP Broadcast Management Device (BBMD) mode. Utilizing this mode, broadcast traffic can travel over the internet, increasing the potentially devastating impact of this vulnerability. This presentation will include a deep technical analysis of the vulnerability discovery process and demos illustrating an attack in a critical scenario. Finally, we will discuss the steps taken by the vendor to patch this vulnerability and demonstrate its effectiveness.
August 8 – August 11 ICS Village @ DEF CON Douglas McKee, Security Researcher – McAfee
Mark Bereza, Security Research – McAFee
Steve Povolny, Head of Advanced Research - McAfee
The ICS Village equips industry and policymakers to better defend industrial equipment through experiential awareness, education, and training. McAfee ATR will showcase their working demo of a building controller vulnerability
Black Hat Newsletter - Interview Christiaan Beek, Lead Scientist and Sr. Principal Engineer – McAfee https://www.blackhat.com/sponsor-interview/05302019.html

 

 

McAfee Demo Stations: 4 Total

  • Endpoint Protection Platform / MVISION EDR

    • McAfee® MVISION ePO™
    • McAfee® MVISION Endpoint
    • McAfee® MVISION Mobile
    • McAfee® MVISION EDR
  • Supercharging Security Orchestration/Automation Using DXL Integrations
  • Cloud Security that Accelerates Business
  • Device to Cloud Web and Data Protection

 

 

McAfee Theatre Schedule

Wednesday, August 7, 2019
Time Presentation Presenter/s Presentation Title
10:00am - 10:15am MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
Ted Pan, Product Marketing Engineer MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
10:30am - 10:45am Digital Defense Sanjay Raja, Senior Director Strategic Technical Partnerships How to augment your endpoint protection w/ agentless threat sweeping
11:00am - 11:15am Cloud Nick Shelly, SE, McAfee IaaS Security Breakdown
11:30am - 11:45 Menlo Security Lennart van den Ende, VP SE Menlo Security A New Approach to Malware Prevention - Don't Detect, Isolate
12:00pm - 12:15pm Cloud Maka Guerrero, Sr. Security Engineer, Pacific Dental Services Cloud Security Q&A
12:30pm - 12:45 CISCO Brian Gonsalves, CISCO, Sr. Manager, Product Mgmt & Business Dev. Cisco ISE and McAfee Endpoint Orchestration Use Cases
1:00pm - 1:15pm DB Cybertech Dave Rosenberg, CTO, Products, and co-founder for DB Cybertech Next Generation Predictive Security Solutions
1:30pm Raffle Paul Traynor  
2:00pm - 2:15pm MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
Ted Pan, Product Marketing Engineer MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
2:30pm - 2:45 BeyondTrust Brian Chappell, Sr. Manager, Product Management & Business Devevelopment Check Your Privilege: BeyondTrust & McAfee ePolicy Orchestrator
3:00pm - 3:15pm Cloud Maurice Stebila, CISO, Harman Cloud Security Q&A
3:30pm - 3:45 Seclore Andrew Johnson, VP, Business and Corporate Development Discover and Automatically Protect Sensitive Files – with McAfee & Seclore
4:00pm - 4:15pm Device-to-Cloud Data and Web Protection Tarun Mann, Enterprise Technology Specialist Device-to-Cloud Data and Web Protection
4:30pm - 4:45pm Raffle Paul Traynor  
5:00pm - 5:15pm Cloud Brooke Noelke, Cloud Architect, McAfee McAfee’s Cloud Security Journey
5:30pm - 5:45pm Indegy Joel Silberman, Indegy & Mark Mastrangeli, McAfee Convergence of IT/OT Networks 
6:00pm - 6:15pm Cloud Nick Shelly, SE, McAfee IaaS Security Breakdown
6:30pm - 6:45pm Device-to-Cloud Data and Web Protection George Bivens, Product Marketing Engineer Device-to-Cloud Data and Web Protection
6:45pm - 7:00pm Raffle Paul Traynor  
Thursday, August 8, 2019
Time Presentation Presenter/s Presentation Title
10:00am - 10:15am MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
Ted Pan, Product Marketing Engineer MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
10:30am - 10:45am IBM Dan Schofield, IBM Security Technology Alliances Security & McAfee: Responding to Threats Faster
11:00am - 11:15am Device-to-Cloud Data and Web Protection Tarun Mann, Enterprise Technology Specialist Device-to-Cloud Data and Web Protection
11:30am - 11:45 Swimlane Mike Mitchell, Director, Sales Architecture and Engineering SOAR for the Suite:  McAfee and Swimlane 
12:00pm - 12:15pm Raffle Paul Traynor  
12:30pm - 12:45 Cloud Maurice Stebila, CISO, Harman Cloud Security Q&A
1:00pm - 1:15pm ThreatQuotient Christian Galladora, Threat Intelligence Engineer "Taking the Right Actions Faster: Enhanced Threat Intelligence in McAfee Deployments", and will be based off of the white paper on https://www.threatq.com/integrations/mcafee/.
1:30pm - 1:45pm MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
Ted Pan, Product Marketing Engineer MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
2:00pm - 2:15pm ServiceNow Natasha Gupta Automating Malware Playbooks with ServiceNow and McAfee
2:30pm - 2:45pm Raffle Paul Traynor  
3:00pm - 3:15pm Device-to-Cloud Data and Web Protection George Bivens, Product Marketing Engineer Device-to-Cloud Data and Web Protection
3:30pm - 3:45pm CheckPoint Jason Min Network and Endpoint Automation Through Intelligence Sharing
4:00pm - 4:15pm Cloud Brooke Noelke, Cloud Architect, McAfee McAfee’s Cloud Security Journey
4:30pm - 4:45pm MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
Ted Pan, Product Marketing Engineer MVISION ePO™
MVISION Endpoint
MVISION Mobile
MVISION EDR
4:45pm - 5:00pm Capture the Flag Winner / Raffle Paul Traynor  

 

 

Back to top