Black Hat NOC Exposes Security Community’s Blunders

As the security community gathers at Black Hat, a glimpse inside the network operations center (NOC) reveals a sobering truth: even infosec professionals are guilty of poor security practices. According to James Pope, lead of the Black Hat SOC, many attendees were seen making mistakes on the conference Wi-Fi network.

Pope reported seeing clear-text data floating around, including emails, files, and passwords, as well as SASE proxy browser traffic being transmitted in the open. He also noted LDAP exposed to the internet, unencrypted Basic Auth among web traffic, and a potential flaw in a well-known commercial VPN product.

The unnamed VPN was found to be leaking GPS coordinates of users connected to the Black Hat network, prompting Pope to write a disclosure notice to the company. The issue may not be technical, but it’s still important to report it.

The Black Hat NOC team detected 2.65 million threats over the five-day event, highlighting the importance of security vigilance, even among professionals. As Pope noted, “Security has to watch its own things.”

This incident serves as a reminder that security is not always easy, and even industry experts can fall prey to common mistakes. The NOC team’s efforts to detect unknown threats and be proactive in addressing them are crucial in maintaining the security of networks like the one at Black Hat.

Source: https://www.theregister.com/2024/08/12/black_hat_security/