Dennis Fisher and Lindsey O'Donnell-Welch reflect on their week in Las Vegas at Black Hat and discuss the talks they liked, including Moxie Marlinspike's keynote and the Google Project Zero retrospective, and the other topics they found interesting, including vulnerability exploitation versus social engineering and the AI ecosystem.
Many of the discussions during the conference centered on the changing threat landscape and the ways in which threat actors are adapting to defenders' tactics. For example, many cybercrime groups focus their efforts on social engineering campaigns rather than exploiting vulnerabilities, as it requires less technical knowledge. Vulnerabilities still matter, as Natalie Silvanovich of Google's Project Zero demonstrated, but there are other ways in.