Security
Headlines
HeadlinesLatestCVEs

Headline

Announcing the BlueHat 2024 Sessions

34 sessions from 54 presenters representing 20 organizations! We are thrilled to reveal the lineup of speakers and presentations for the 23rd BlueHat Security Conference, in Redmond WA from Oct 29-30. This year’s conference continues the BlueHat ethos and Secure Future Initiative mission of “Security Above All Else”. Security researchers and responders from inside and outside of Microsoft will gather on the Microsoft campus in Redmond, WA to share, debate, and challenge each other, with the shared goal of creating a safer and more secure world for all.

msrc-blog
#ios#mac#windows#google#microsoft#cisco#oracle#intel#rce#oauth#auth#ibm#zero_day#wifi

34 sessions from 54 presenters representing 20 organizations!

We are thrilled to reveal the lineup of speakers and presentations for the 23rd BlueHat Security Conference, in Redmond WA from Oct 29-30.

This year’s conference continues the BlueHat ethos and Secure Future Initiative mission of “Security Above All Else”.

Security researchers and responders from inside and outside of Microsoft will gather on the Microsoft campus in Redmond, WA to share, debate, and challenge each other, with the shared goal of creating a safer and more secure world for all.

For those unable to attend in-person sessions will be available to view on demand in the weeks following the conference.

Please note that session times and order are still subject to change. The final schedule will be published and provided to attendees in advance of the conference.

Day 1, Tuesday, October 29, 2024

Keynote: Chris Wysopal (Weld Pond)
Co-founder & Chief Security Evangelist, Veracode

Track A: Cloud & Identity Security

Track B: OS & App Security

The two sides of UnOAuthorized Presented by Eric Woodruff from Semperis and Cameron Vincent from Microsoft

DCOM Research for Everyone! Presented by James Forshaw from Google

Tokens & Takeovers: Cloud-Powered Supply Chain Attacks Presented by Nitesh Surana from Trend Micro and Gaurav Mathur from Microsoft

Outlook Unleashing RCE Chaos CVE-2024-30103 & CVE-2024-38021 & CVE-2024-38173 Presented by Michael Gorelik from Morphisec

Double Agent: Exploiting Pass-through Authentication Credential Validation in Azure AD Presented by Cymulate

Pointer Problems – Why We’re Refactoring the Windows Kernel Presented by Joe Bialek from Microsoft

Lightning Talks

World of Scams - A systematic analysis of online scams using the Scam Tactics and Techniques Framework Presented by Amit Tambe from F-Secure

A Security Engineer’s Journey: Creating a Developer-Friendly Security Tool Presented by Susan Krkasharian from Microsoft

My Best Frenemy: A Synergy Between Red Team and Blue Team in Oracle’s SaaS Security Presented by Svetlana Gaivoronski and David B. Cross from Oracle

Lessons Learned: Scaling Out Securing Open Source Presented by Zachary Steindler from Microsoft

Entitlements on macOS and why they matter Presented by Yves Younan from Cisco Talos

Creating a Transparent Cloud Industry Presented by Justin T Mourfield and Sesha Machiraju from Microsoft

How Microsoft is Scaling DAST Presented by Jason Geffner from Microsoft

Echoes of Intrusion: Demystifying MS Graph API Attacks Presented by Miriam Wiesner from Microsoft

When the Levee Breaks: Exposing Critical Flaws in Wi-Fi Camera Ecosystems Presented by Mark Mager and Eric Forte from Elastic

Deprecating Azure AD Graph API is Easy and Other Lies We Tell Ourselves Presented by Nestori Syynimaa from Microsoft

Sweet QuaDreams or Nightmare Before Christmas? Dissecting an iOS 0-day Presented by Christine Fossaceca from Microsoft and Bill Marczak from Citizen Lab

Day 2, Wednesday, October 30, 2024

Keynote: Amanda Silver
CVP & Head of Product, Developer Division, Microsoft

Track C: Threat Hunting & Intel

Threat D: AI & ML Security

Patterns in the Shadows: Scaling Threat Hunting and Intelligence for Modern Adversaries Presented by Mark Parsons and Colin Cowie from Sophos

Lessons Learned from Red Teaming 100 Generative AI Applications Presented by Ram Shankar Siva Kumar and Blake Bullwinkel from Microsoft

Scaling AppSec With an SDL for Citizen Development Presented by Michael Bargury from Zenity/OWASP and Don Willits from Microsoft

Isolation or Hallucination? Hacking AI Infrastructure Providers for Fun and Weights Presented by Hillai Ben-Sasson and Sagi Tzadik from Wiz

Embedding Sysmon Logs for Enhanced Threat Detection: A Practical Approach to Using RAG in Cybersecurity Presented by Jose Rodriguez from George Mason University

Breaking LLM Applications - Advances in Prompt Injection Exploitation Presented by Johann Rehberger from embracethered.com

Lightning Talks

Getting “In Tune” with an Enterprise: Detecting Microsoft Intune Lateral Movement Presented by Brett Hawkins from IBM

AI’s got Muffins- the RAG-a-muffins!!! Presented by Vivek Vinod Sharma from Microsoft

Ransomware Resilience: Turning the Tide Against Cyber Extortion Presented by Tom Williams from True Zero Technologies

SafeChatAI: Enhancing Cybersecurity Awareness Using Artificial Intelligence Presented by Ayobami Olatunji from Microsoft

Firmware Security: The Middle Child of Security Presented by Nithin Sade from Google

Three Decades of Network Security Evolution Presented by Vern Paxson from Corelight

PyRIT: From LLM Security Research to Practical Attacks Presented by Richard Lundeen from Microsoft

MSTIC Ghost Stories - A Threat Intelligence Year in Review Presented by Rachel Giacobozzi from Microsoft

SLIP: Securing LLMs IP Using Weights Decomposition Presented by Adam Hakim from Microsoft

Minting Silver Bullets is Challenging Presented by Josh Brown-White from Microsoft

Automate AI Red Teaming in your existing tool chain with PyRIT Presented by Joris de Gruyter and Shiven Chawla from Microsoft

To join the conversation and follow along with BlueHat 2024 please follow us on X/Twitter @MSFTBlueHat and on LinkedIn at aka.ms/MSRC-LinkedIn

Looking forward to seeing you all at BlueHat!

Nic Fillingham, BlueHat Program Manager

Related news

2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit

The November 2024 Patch Tuesday update contains a substantially high percentage of remote code execution (RCE) vulnerabilities (including a critical issue in Windows Kerberos), and two other zero-day bugs that have been previously disclosed and could soon come under attack.

Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited

Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser

Microsoft Patch Tuesday, July 2024 Edition

Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.

Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities

This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.

Critical MSMQ RCE Bug Opens Microsoft Servers to Complete Takeover

CVE-2024-30080 is the only critical issue in Microsoft's June 2024 Patch Tuesday update, but many others require prompt attention as well.

Only one critical issue disclosed as part of Microsoft Patch Tuesday

The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.

msrc-blog: Latest News

Mitigating NTLM Relay Attacks by Default