Estimated reading time: 2 minutes, 1 second

Black Hat 2022 Focuses on Ukraine, Log4j and Web3   Featured

Sunday, Aug 21 2022
General
Written by  STB Staff

The cybersecurity implications of the war in Ukraine, the Log4j logging tool vulnerability and Web3 were front and center at the recent Black Hat conference in Las Vegas. So reports SiliconAngle.

ukraine g2afeb4ef7 640Victor Zhora, chief digital transformation officer at the State Service of Special Communications and Information Protection in Ukraine, was a surprise guest. He said that cyber incidents in Ukraine have tripled this year, allegedly including attacks by Russia’s powerful Industroyer2 malware.

Robert Silvers, under secretary for policy at the Department of Homeland Security, warned that Log4j issues may be bedeviling the security community for a long time to come. Discussing the Cyber Safety Review Board’s investigation of the Log4j flaw, Silvers said (as quoted by the Record), “The board found that it is likely that organizations are going to be dealing with continued Log4j exposure for years to come, maybe a decade or longer.” As FCW notes, Silvers also said the board is staffing up.

A ramp-up in data breaches involving the world of Web3, such as a $620 million hack from blockchain game provider Ronin Network in March, also drew attention from security researchers at the conference. SiliconAngle reports that Nathan Hamiel, senior director of research at Kudelski Security, said during a Black Hat presentation that NFT and cryptocurrency collectors are being targeted. “The time to exploit this stuff is incredibly fast and we’re not used to what we’re seeing,” Hamiel reportedly said.

Elsewhere at Black Hat, a coalition of 18 tech businesses—including Amazon.com’s AWS cloud business, cybersecurity firm Splunk and IBM’s security arm—said they are developing a shared data standard for cybersecurity information-sharing, as The Wall Street Journal reports. The Open Cybersecurity Schema Framework, or OCSF, aims to address chief information security officers’ concerns about a lack of automatic integration between proprietary cyber products.

In a keynote speech, Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency, warned that he expects cybersecurity challenges to worsen before the landscape improves, as InformationWeek reports. In another keynote, investigative journalist Kim Zetter said that critical infrastructure remains vulnerable, as Channel Futures reports.

Zetter’s account of 25 years of hacks topped PC Magazine's list of “The 14 Scariest Things We Saw at Black Hat 2022.” Meanwhile, CRN broke down “The 10 Hottest Cybersecurity Products at Black Hat 2022,” with launches and updates from Concentric AI, BigID, Seraphic Security, Cybereason, Cybersixgill, SentinelOne, Tenable, Pentera, Crowdstrike and Mimecast.

Read 996 times
Rate this item
(0 votes)
More in this category: « Ukraine War So Far Holds Mixed Lessons on Cybersecurity   Cybersecurity Industry Braces for Wave of Consolidation   »

Visit other PMG Sites:
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.
Ok Decline