Key findings from defending the NOC at Black Hat Europe 2022


Important points

  1. IronNet’s detections during the Black Hat Europe conference not only revealed several active malware infections – such as the Arechclient2 information stealer – but also revealed a series of poor security practices by attendees that could have led to serious follow-up compromises in both the Black Hat network and their respective enterprises.
  2. IronNet’s detection of an insecure Chrome extension with suspicious exfiltration activity in the Black Hat network led to the identification of the same activity across nine different enterprises in the US, Asia and the Middle East by our Collective Defense platform, IronDome.
  3. As IronNet enters its third year as a partner in the Black Hat NOC, we continue to fulfill the critical role of providing network visibility for troubleshooting and hygiene, in addition to lending detection and threat hunting capabilities.

In early December, we wrapped up another year of defending the Network Operations Center (NOC) at the Black Hat Europe Cyber Security Conference. Our NOC Threat Hunters – Blake Cahen, Peter Rydzynski and Jeremy Miller – have helped partner companies Palo Alto, Cisco, Meraki, Gigamon and Netwitness defend the Black Hat environment. This includes both external and internal threats, with a major focus on the security of the Black Hat infrastructure and the participants’ devices. From a Network Detection and Response (NDR) perspective, helping identify potential malware on participants’ devices was one of the highlights of our contribution.

*** This is a Security Bloggers Network syndicated blog from IronNet Blog written by. Read the original post at:

