We’re getting close to Black Hat, and we hope to see you there. Here’s where you can find members of the Microsoft Security Response Center if you’d like to say hello, ask a question about a report you made, discuss a recent blog article, or just show us pictures of your dog.
Wednesday, August 7
Members of the MSRC will be attending talks throughout the event, but with over 20 tracks and more than 120 talks, your best bet for finding us will be at talks by Microsoft speakers. We’ve got four scheduled on Wednesday, two of which are collaborative presentations with industry partners. We’ll be exploring topics ranging from defending the cloud, to VM escapes, to how to attack a host with RDP–and how to detect the attack– and browser attacks that may be bigger than they seem.
- Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD) (11:15-12:05)
- Exploiting the Hyper-V IDE Emulator to Escape the Virtual Machine (11:15-12:05)
- He Said, She Said – Poisoned RDP Offense and Defense (4:00-4:50)
- Hunting for Bugs, Catching Dragons (4:00-4:50)
On Wednesday morning, Microsoft’s booth will open on in the Expo Hall… and with it we’ll announce the top researchers for the past year. Come by to see your name on the list and talk to people working to secure the cloud. If you can’t make it to the show floor, keep an eye on our blog for the announcement.
Still not done after the talks? If you’re into threat hunting in Azure, we hope you’ll attend the Microsoft Threat Intelligence Center’s Azure Sentinel community reception (7PM-10PM) for casual conversation about defending the cloud over snacks and drinks. Capacity is limited, so to secure a spot be sure to sign up here.
Thursday, August 8
On Thursday, we’re back with four more talks with Microsoft speakers, a micro-summit that we recommend for those running (or thinking about running) bug bounty programs, awards for our industry partners… and of course the Microsoft party.
First, the talks. Join us for discussions of applying machine learning to threat intelligence, supply chain attacks in an interconnected world, the story of how two researchers found an issue in the cloud—and what you can apply from how we fixed it—and what we learned about how you can exploit Unicode normalization to bypass URL security filters.
- Death to the IOC: What’s Next in Threat Intelligence (9:00-9:25)
- The Enemy Within: Modern Supply Chain Attacks (9:45-10:35)
- Preventing Authentication Bypass: A Tale of Two Researchers (2:30-3:20)
- HostSplit: Exploitable Antipatterns in Unicode Normalization (3:50-4:40)
Considering launching a bug bounty program? Launched one and are thinking about how to make it as effective as possible? Be sure to check out the Bug Bounty Micro-Summit 9:45-1:00 to gain from first-hand experience.
If you are a member of the Microsoft Active Protections Program, be sure to attend our awards reception Thursday afternoon (check your email for your invitation). We’ll recognize our top partners for vulnerability reports, threat detections, and reports of 0-days in the wild. We hope all our MAPP partners will be able to attend. For those who cannot we’ll be publishing the results to our blog.
We’re also hosting the annual Microsoft party at Black Hat on Thursday at an undisclosed location near the Las Vegas Strip. Invitations will be going out shortly. If you want an invitation and haven’t seen one, sign up here to request one. We’ll be issuing more invitations as we have space.
More announcements will be made over the next couple weeks, so keep watching this blog and the @msftsecresponse Twitter account. See you in Las Vegas!
Christa Anderson, Senior Security Program Manager, MSRC