For the first time ever, this year the Black Hat 2020 conference went virtual. However, there were plenty of takeaways from the event, and cybersecurity information in abundance.
Key Takeaways
Exploit Development
Only if there is a broader picture available, threats can be properly defended. Researchers presented their discoveries with regards to vulnerabilities, they revealed the risks related to the ‘human factor’ and also explained how threat actors exploit these vulnerabilities.
DNS Security
With the growing adoption of an approach known as DNS-over-HTTPS (DOH), DNS encryption has come under the limelight in the recent times.
Cybersecurity in the times of COVID-19
Various aspects of cybersecurity have been impacted by the very pandemic that has affected lives across the globe. This scenario is being used by cybercriminals to their advantage as they invoke fear in the minds of their victims. The Rapid Static Analysis approach was also discussed in detail since it can be used to detect the pandemic-themed malspam.
The Passwordless future
Researchers also tackled the subject of a Zero Trust model that involves a passwordless approach. To enable secured access this approach promises to integrate with various types of authentication systems for a safer security experience.
The Threat Directory
- A prominent issue that was discovered was the Influence campaigns. The infosec community needs to actively participate to stop attacks such as social media misinformation campaigns that distract, persuade, entrench, and divide communities.
- With some off the shelf equipment, satellite internet communications are pliant to signal interpretation and eavesdropping by attackers located in far-flung areas.
- A demonstration was displayed on how botnets can be made out of high-wattage connected devices to manipulate the energy market.
- Researchers also exhibited how synthetic media can be created using open-source tools. Attackers can sway public opinion and use generative text to counterfeit legitimate-appearing spear-phishing emails.
The major takeaway is that security personnel should catch a breath in this fast-changing world of technology. Threats are getting serious but so are its counter-measures. To stay safe, individuals and organizations should incorporate state of the art cybersecurity measures and adopt cyber-hygiene as a lifestyle.
To read more, please check eScan Blog
