August 9-14, 2022
Rapid7 is back in Vegas for Black Hat, BSides, and DEF CON!! Come meet us in person to learn how we help you stay ahead of attackers, ahead of the competition, and ready for the future.
With strategic expertise and industry-leading solutions across Cloud Security, Threat Intelligence, Detection & Response, Vulnerability Management, and Managed Services, we empower you to see what’s coming and secure what’s next.
Wednesday, August 10
Customer VIP Admission: 9:00 PM - 1:00 AM
General Admission: 10:00 PM - 1:00 AM
3215 S Rancho Drive
Las Vegas, NV 89102
Welcome back to Hacker Summer Camp. Rapid7 is excited to see everyone again and host a legendary celebration for our cybersecurity community. You are not going to want to miss this evening where you can play games, collect badges, and reconnect with friends outside at the new coolest spot in town. It’s also the only place you can get Rapid7’s 2022 Hacker Summer Camp t-shirts!
Pre-Register
And pick up your pass in Booth #1532 Black Hat. Passes will not be available at the door.
Premier Partner Sponsor:
Our experts will be standing by to answer your toughest questions, demo the features you’re longing to see, and hook you up with the latest Rapid7 swag.
See how we give you the industry-leading solutions and strategic expertise to manage risk and eliminate threats with speed and precision across any environment.
Hear from Rapid7 experts and partners on how we can help you scale with confidence and build future-ready security programs.
Be sure to pick up your pass so you can join us Wednesday night at AREA15 for our Community Celebration. No passes will be available at the door.
Curt Barnard, Principal Security Researcher, Rapid7
Have you ever had to Google around trying to find a default password for a router? Are you sick of combing through user manuals just to find admin:admin buried on page 37. Then it's time you tried Defaultinator. This newly released tool is a repository for default credentials made searchable via API or the intuitive web interface. Why would someone make such a tool? Why, I'm so glad you asked!
Static device passwords are not only Really Bad, they are sometimes illegal. Yet legacy or poorly secured IoT devices still often contain default or hardcoded passwords. It's hard to know if you have default passwords in your environment, but this tool is here to help you find them. Or maybe you are on a Red Team engagement and want to audit for CWE-798 (Use of Hard-coded Credentials). Defaultinator has your back.
In this talk, I'll cover how default passwords contribute to the spread of malware, how common it is to see them used in brute force attacks 'in the wild', and how a tool like Defaultinator can help you identify them and remove them from your own environment.
Date: Wednesday, August 10
Time: 1:00 PM - 2:30 PM
Session Type: Briefings
Tracks: OSINT - Open Source Intelligence, Vulnerability Assessment
Spencer McIntyre, Lead Security Researcher, Rapid7
Modern attack emulation is a multi-step process involving different tools and techniques as testers execute custom workflows to achieve their objectives. One primary advantage of the Metasploit Framework is a unified approach to solving this problem.
This Arsenal demonstration will cover some of the latest improvements to the Metasploit Framework and showcase how these improvements maximize effectiveness while performing common tasks. Viewers will see the latest workflows for capturing credentials, UI optimizations for running modules, and demonstrations of Metasploit's new payload-less session types. Capturing credentials is an integral part of many penetration testing methodologies and, when combined with the Metasploit database, can be a powerful technique for users engaged in breaching simulations. The latest features streamline configuring all the services Metasploit has capture modules for and managing them as a single unit. Users will also learn about some of the latest improvements related to pivoting in Metasploit, which allow capturing services to be started on compromised hosts when combined.
Date: Wednesday, August 10
Time: 2:30 PM - 4:00 PM
Session Type: Arsenal
Tracks: Exploitation and Ethical Hacking, Network Attacks
Jake Baines, Lead Security Researcher, Rapid7
Cisco ASA and ASA-X are widely deployed firewalls that are relied upon to protect internal networks from the dangers of the outside world. This key piece of network infrastructure is an obvious point of attack, and a known target for exploitation and implantation by APT such as the Equation Group. Yet it's been a number of years since a new vulnerability has been published that can provide privileged access to the ASA or the protected internal network. But all good things must come to an end.
In this talk, new vulnerabilities affecting the Cisco ASA will be presented. We'll exploit the firewall, the system's administrators, and the ASA-X FirePOWER module. The result of which should call into question the firewall's trustworthiness.
The talk will focus on the practical exploitation of the ASA using these new vulnerabilities. To that end, new tooling and Metasploit modules will be presented. For IT protectors, mitigation and potential indicators of compromise will also be explored.
Date: Thursday, August 11
Time: 10:20 AM - 11:00 AM
Session Type: Briefings
Tracks: Network Security, Hardware/Embedded
Jake Baines, Lead Security Researcher, Rapid7
Every day, defenders contend with more vulnerabilities than even the most well-resourced organization can handle. They find themselves needing to separate signals out of an overwhelming amount of noise, and having to use vague information about critical vulnerabilities to ascertain the potential impact to them. The Rapid7 Emergent Threat Response team analyzes critical threats as they emerge in order to provide authoritative assessments to defenders. In this session, we’ll look back at the last two years of emergent threats, discuss lessons learned, and share techniques to cut through the noise in order to better anticipate and react to emergent threats.
Date: Thursday, August 11
Time: 11:30 AM
Room: Business Hall Theater B
Tod Beardsley, Director of Research, Rapid7
Coordinated, global vulnerability disclosure (CVD) remains a hodgepodge of formal and informal processes. There is a better way; an international, open, and not-for-profit project poised to help everyone share and understand vulnerabilities. Rapid7's Tod Beardsley will share his experience with the CVE Program and how you can take advantage to meet today’s vulnerability challenges.
On-Demand Zone - Security Operations & Incident Response Track
Ron Bowes, Lead Security Researcher, Rapid7
What happens when you find vulnerabilities by day, and write capture the flag challenges by night? Answer: teachable moments! At their core, most long-lived vulnerabilities have a little kernel of something at their core that makes them interesting: are they hard to find? Hard to exploit? Part of a multi-part attack? In a place nobody thought to look? Too obvious? Distilling what makes a vulnerability cool, then making that into a CTF challenge, is an unusual skillset that qualifies one for a distinguished career in "edutainment".
In this presentation we'll do a deep-dive into some interesting vulnerabilities and what makes them unique, then talk about the CTF challenges where the vulnerabilities lived on in eternal undeath.
Date: Tuesday, August 9
Time: 5:00 PM
Room: Ground Floor
Jen Ellis, Vice President, Community and Public Affairs, Rapid7
With widespread disruption caused by ransomware attacks and major vulnerabilities, cybersecurity is a continuing priority for policymakers and government leaders alike. This will impact the lives and careers of all BSides attendees, and policymakers can benefit from security pros' expertise to ensure they focus on the right things and avoid unintended harms. This informal session will guide attendees through the noteworthy sights, happenings, and potential pitfalls of Policyland, and we'll talk about how security professionals can get involved to shape policy outcomes.
Date: Tuesday, August 9
Time: 5:00 PM
Room: I Am The Cavalry
Deral Heiland, Principal Security Researcher, IoT is back in the IoT Village with more hands-on hardware hacking exercises, guiding attendees through a multistep process to gain full root access to a targeted IoT device.
Patrick Kiley, Principal Security Consultant / Research Lead, will be in the Car Hacking Village where you can learn about automotive hacking and cyber security while hacking actual vehicles that you don’t have to worry about breaking.
Harley Geiger, Public Policy Senior Director, Rapid7
What a year for hacker law! 2021-2022 saw major changes to laws that regulate hacking, such as the notorious CFAA, the grotesque DMCA Sec. 1201, and China's grisly "Management of Security Vulnerabilities" regulation. Many of these developments are directly intended to aid or control independent security research. This presentation will explain the progress, setbacks, and current state of hacking law.
Date: Friday, August 12
Time: 12:00 PM
Room: Policy Department Roundtable Room
Jen Ellis, Vice President, Community and Public Affairs, Rapid7
Cybercriminals are no longer focusing all their efforts on the biggest fish, which means organizations below the security poverty line - who often struggle with achieving adequate cyber resilience - are increasingly being hit. At the same time, we've seen an increase in supply chain attacks, which makes sense as more and more of the tech ecosystem is moving to cloud or managed service provider models. Various governments are paying attention to these shifts and are considering how regulating digital service providers may advance security more broadly, while also alleviating the burden on small to medium businesses. This session will be led by one or two governments working on this issue and will include an open discussion on the challenges and opportunities of this approach.
Date: Friday, August 12
Time: 4:00 PM
Room: Policy Department Roundtable Room
Jake Baines, Lead Security Researcher, Rapid7
In case you missed Jake at Black Hat, he will be presenting at DEF CON as well. In this talk, new vulnerabilities affecting the Cisco ASA will be presented. We'll exploit the firewall, the system's administrators, and the ASA-X FirePOWER module. The result of which should call into question the firewall's trustworthiness.
Date: Saturday, August 13
Time: 1:30 PM
Room: Track 4
Jen Ellis, Vice President, Community and Public Affairs, Rapid7
It's been a little over a year since the Colonial Pipeline, HSE, and JBS attacks put ransomware firmly on the agenda as a threat to national security and economic stability. Since then, we've seen ransomware attacks become more openly politicized. We have also seen the White House and G7 both host international government forums to identify collaborative actions to tackle the threat. Government action has included new sanctions, public/private initiatives, bounties for criminals, and various other measures designed to disrupt attacks, encourage greater cyber resilience, and make life for cybercriminals harder. This session brings together multiple government response experts to talk about what's being done, what results have been seen, and where we're headed next. They will start off covering these points and then open to the audience for questions and open discussion on next steps and impacts.
Date: Saturday, August 13
Time: 4:00 PM
Room: Policy Department’s Collaboratorium Room
Visit us at Booth #1532 at Black Hat to receive your pass.
*By signing up for this event, you are consenting to photos and videos that may be taken onsite, and to providing Rapid7 and our event partner(s), your personal data from the event registration form. Your data will be used for marketing correspondence of our goods/services, analytics, and statistics. We’re a global company, so your data will be transferred inside and outside of the EU. You can learn more about how Rapid7 handles data privacy and security by visiting https://www.rapid7.com/trust. If you’d prefer to opt-out, or have questions, you can email our privacy team at privacy@rapid7.com.