Headline
Announcing the BlueHat 2024 Sessions
34 sessions from 54 presenters representing 20 organizations! We are thrilled to reveal the lineup of speakers and presentations for the 23rd BlueHat Security Conference, in Redmond WA from Oct 29-30. This year’s conference continues the BlueHat ethos and Secure Future Initiative mission of “Security Above All Else”. Security researchers and responders from inside and outside of Microsoft will gather on the Microsoft campus in Redmond, WA to share, debate, and challenge each other, with the shared goal of creating a safer and more secure world for all.
34 sessions from 54 presenters representing 20 organizations!
We are thrilled to reveal the lineup of speakers and presentations for the 23rd BlueHat Security Conference, in Redmond WA from Oct 29-30.
This year’s conference continues the BlueHat ethos and Secure Future Initiative mission of “Security Above All Else”.
Security researchers and responders from inside and outside of Microsoft will gather on the Microsoft campus in Redmond, WA to share, debate, and challenge each other, with the shared goal of creating a safer and more secure world for all.
For those unable to attend in-person sessions will be available to view on demand in the weeks following the conference.
Please note that session times and order are still subject to change. The final schedule will be published and provided to attendees in advance of the conference.
Day 1, Tuesday, October 29, 2024
Keynote: Chris Wysopal (Weld Pond)
Co-founder & Chief Security Evangelist, Veracode
Track A: Cloud & Identity Security
Track B: OS & App Security
The two sides of UnOAuthorized Presented by Eric Woodruff from Semperis and Cameron Vincent from Microsoft
DCOM Research for Everyone! Presented by James Forshaw from Google
Tokens & Takeovers: Cloud-Powered Supply Chain Attacks Presented by Nitesh Surana from Trend Micro and Gaurav Mathur from Microsoft
Outlook Unleashing RCE Chaos CVE-2024-30103 & CVE-2024-38021 & CVE-2024-38173 Presented by Michael Gorelik from Morphisec
Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD Presented by Cymulate
Pointer Problems – Why We’re Refactoring the Windows Kernel Presented by Joe Bialek from Microsoft
Lightning Talks
World of Scams - A systematic analysis of online scams using the Scam Tactics and Techniques Framework Presented by Amit Tambe from F-Secure
A Security Engineer’s Journey: Creating a Developer-Friendly Security Tool Presented by Susan Krkasharian from Microsoft
My Best Frenemy: A Synergy Between Red Team and Blue Team in Oracle’s SaaS Security Presented by Svetlana Gaivoronski and David B. Cross from Oracle
Lessons Learned: Scaling Out Securing Open Source Presented by Zachary Steindler from Microsoft
Entitlements on macOS and why they matter Presented by Yves Younan from Cisco Talos
Creating a Transparent Cloud Industry Presented by Justin T Mourfield and Sesha Machiraju from Microsoft
How Microsoft is Scaling DAST Presented by Jason Geffner from Microsoft
Echoes of Intrusion: Demystifying MS Graph API Attacks Presented by Miriam Wiesner from Microsoft
When the Levee Breaks: Exposing Critical Flaws in Wi-Fi Camera Ecosystems Presented by Mark Mager and Eric Forte from Elastic
Deprecating Azure AD Graph API is Easy and Other Lies We Tell Ourselves Presented by Nestori Syynimaa from Microsoft
Sweet QuaDreams or Nightmare Before Christmas? Dissecting an iOS 0-day Presented by Christine Fossaceca from Microsoft and Bill Marczak from Citizen Lab
Day 2, Wednesday, October 30, 2024
Keynote: Amanda Silver
CVP & Head of Product, Developer Division, Microsoft
Track C: Threat Hunting & Intel
Threat D: AI & ML Security
Patterns in the Shadows: Scaling Threat Hunting and Intelligence for Modern Adversaries Presented by Mark Parsons and Colin Cowie from Sophos
Lessons Learned from Red Teaming 100 Generative AI Applications Presented by Ram Shankar Siva Kumar and Blake Bullwinkel from Microsoft
Scaling AppSec With an SDL for Citizen Development Presented by Michael Bargury from Zenity/OWASP and Don Willits from Microsoft
Isolation or Hallucination? Hacking AI Infrastructure Providers for Fun and Weights Presented by Hillai Ben-Sasson and Sagi Tzadik from Wiz
Embedding Sysmon Logs for Enhanced Threat Detection: A Practical Approach to Using RAG in Cybersecurity Presented by Jose Rodriguez from George Mason University
Breaking LLM Applications - Advances in Prompt Injection Exploitation Presented by Johann Rehberger from embracethered.com
Lightning Talks
Getting “In Tune” with an Enterprise: Detecting Microsoft Intune Lateral Movement Presented by Brett Hawkins from IBM
AI’s got Muffins- the RAG-a-muffins!!! Presented by Vivek Vinod Sharma from Microsoft
Ransomware Resilience: Turning the Tide Against Cyber Extortion Presented by Tom Williams from True Zero Technologies
SafeChatAI: Enhancing Cybersecurity Awareness Using Artificial Intelligence Presented by Ayobami Olatunji from Microsoft
Firmware Security: The Middle Child of Security Presented by Nithin Sade from Google
Three Decades of Network Security Evolution Presented by Vern Paxson from Corelight
PyRIT: From LLM Security Research to Practical Attacks Presented by Richard Lundeen from Microsoft
MSTIC Ghost Stories - A Threat Intelligence Year in Review Presented by Rachel Giacobozzi from Microsoft
SLIP: Securing LLMs IP Using Weights Decomposition Presented by Adam Hakim from Microsoft
Minting Silver Bullets is Challenging Presented by Josh Brown-White from Microsoft
Automate AI Red Teaming in your existing tool chain with PyRIT Presented by Joris de Gruyter and Shiven Chawla from Microsoft
To join the conversation and follow along with BlueHat 2024 please follow us on X/Twitter @MSFTBlueHat and on LinkedIn at aka.ms/MSRC-LinkedIn
Looking forward to seeing you all at BlueHat!
Nic Fillingham, BlueHat Program Manager
Related news
The November 2024 Patch Tuesday update contains a substantially high percentage of remote code execution (RCE) vulnerabilities (including a critical issue in Windows Kerberos), and two other zero-day bugs that have been previously disclosed and could soon come under attack.
Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser
Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.
This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.
CVE-2024-30080 is the only critical issue in Microsoft's June 2024 Patch Tuesday update, but many others require prompt attention as well.
The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.