SafeBreach Labs to Showcase Original Research in Four Talks across Black Hat USA 2025 and DEF CON 33 Conferences
This year's sessions further cement the reputation of the SafeBreach Labs team as recognized experts and thought leaders in cybersecurity research. Over the past seven years, team members have consistently earned speaking slots at both Black Hat USA and DEF CON simultaneously, while presenting more than 50 additional talks at conferences around the world. In addition, the SafeBreach Labs team has discovered 50+ zero-day vulnerabilities and been nominated twice for the Pwnie Awards for Most Innovative Research and Best Privilege Escalation.
The team's research this year will demonstrate significant vulnerabilities in AI-powered workplace systems and Windows operating system components that impact enterprise security:
Invitation Is All You Need! Invoking Gemini for Workspace Agents with a Simple Google Calendar Invite
At Black Hat on Wednesday, August 6 at 4:20 pm PT
At DEF CON on Sunday, August 10 at 10:00 am PT
SafeBreach Security Research Team Lead Or Yair, cybersecurity expert Ben Nassi, and PhD Student Stav Cohen will present their discovery of a new variant of Promptware called Targeted Promptware Attacks that allows Gemini for Workspace agents to be hacked through simple Google Calendar invitations, revealing 15 different exploitations across Gemini's web interface, mobile application, and Google Assistant. The session will explain how attackers can generate toxic content, perform spamming and phishing, delete calendar events, control home appliances, video stream and geolocate victims, and more. Their findings indicate that more than 70% of identified Promptware risks are high/critical and require immediate mitigations.
You Snooze, You Lose: RPC-Racer Winning RPC Endpoints against Services
At DEF CON on Friday, August 8 at 2 pm PT
SafeBreach Security Researcher Ron Ben Yizhak will present how he discovered the ability for unprivileged users to impersonate trusted RPC servers—and how SafeBreach's new RPC-Racer toolset identifies and exploits these vulnerabilities. From racing services at boot time to tricking high-integrity processes into trusting malicious fake servers, this session dives deep into manipulation of RPC clients and demonstrates the real-world risks.
Win-DoS Epidemic: A crash course in abusing RPC for Win-DoS & Win-DDoS
At DEF CON on Sunday, August 10 at 12:30 pm PT
Building on original LDAPNightmare research released earlier this year, SafeBreach Security Research Team Lead Or Yair and Research Lead Shahak Morag will discuss how they exploited security gaps in Microsoft Windows RPC to develop a novel DDoS technique—dubbed Win-DDoS—that can harness the power of tens of thousands of public domain controllers around the world to create a malicious botnet with vast resources. The presentation will also demonstrate how they discovered four new DoS vulnerabilities along the way, with abilities ranging from crashing an individual domain controller to crashing any Windows computer within a domain. The presentation raises implications for enterprise resilience, risk modeling, and defense strategies, while providing new insights for OS-level hardening.
"The SafeBreach Labs team has established a remarkable history of presenting original research at both Black Hat USA and DEF CON—this year is no different,' said Tomer Bar, VP of Security Research at SafeBreach. "The team's work reveals critical vulnerabilities across both AI-powered workplace systems and traditional Windows infrastructure, showcasing the critical need for organizations to continuously validate their security posture against emerging attack vectors. We're proud of the impact this research has not only in strengthening the SafeBreach exposure validation platform, but also in helping the broader security community understand and defend against these sophisticated threats."
The SafeBreach exposure validation platform is utilized by some of the largest financial services, healthcare, manufacturing, and transportation organizations in the world to validate security control performance, identify gaps, and take remedial action to strengthen security posture and reduce overall business risk. SafeBreach maintains a 24-hour service-level agreement (SLA) to add new attacks to its Hacker's Playbook based on critical US-CERT and FBI Flash alerts, so customers can immediately test against the latest threats. With the industry's most advanced threat research team, SafeBreach is able to ensure its playbook boasts an unmatched collection of 30,000+ attacks.
For more information about the sessions or to schedule a time to connect with SafeBreach experts at Black Hat USA 2025 on August 5-9 and DEF CON on August 7-10, stop by our booth #5416 or visit safebreach.com/black-hat-usa-2025/.
About Black Hat
Founded in 1997, Black Hat is an internationally recognized cybersecurity event series providing the most technical and relevant information security research. Grown from a single annual conference to the most respected information security event series internationally, these multi-day events provide the security community with the latest cutting-edge research, developments, and trends. Today Black Hat Briefings and Trainings are held annually in the United States, Europe, and Asia, providing premier venues for elite security researchers and trainers to find their audience.
About SafeBreach
SafeBreach is the leader in enterprise-grade exposure validation, providing the world's largest brands with safe and scalable capabilities to understand, measure and remediate threat exposure and associated cyber risk. The award-winning SafeBreach exposure validation platform combines pioneering breach and attack simulation and innovative attack path validation capabilities to help enterprise security teams measure and address security gaps at the perimeter and beyond. Backed by a world-renowned original threat research team and world-class support, SafeBreach helps enterprises transform their security strategy from reactive to proactive safely and at scale. To learn more about how SafeBreach helps enterprises with end-to-end exposure visibility, visit www.safebreach.com.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Insider
3 days ago
- Business Insider
The future of AI might be hiding in a tool you already use every day
In her recent deep dive comparing Comet with a similar product called Dia, Moore emphasizes that AI browsers are not just souped-up search engines. They are agents capable of performing complex, multi-step tasks across your digital workspace without switching contexts. Unlike chatbots that require explicit interaction, Comet lives alongside your daily workflow, turning everyday browsing into automated productivity. In a recent YouTube video and X post, Moore highlighted Comet's integration across Gmail, Google Calendar, Drive, and more, enabling real actions such as triaging emails, rescheduling meetings, and completing purchases. Need to rebook a flight, summarize five open tabs, and follow up with a contact? Comet can do it, and remember to nudge you if you forget, according to Moore. This is where Moore thinks Comet shines over Dia: it's not just reactive, it's proactive. It handles recurring tasks, personalizes results, and pushes outputs back to you without needing to navigate into a separate interface and spin up a new project — a limitation of broader AI tools such as ChatGPT and Project Mariner. Still, Moore doesn't count Dia out. Its customizable "Skills" and multi-tab reasoning make it a great assistant for creators and researchers, especially those who like to fine-tune workflows. Ultimately, Moore crowns Comet the better AI browser, but she said that Dia remains her daily driver for personalized workflows. The bigger takeaway? AI browsers like Comet are ushering in a world where software isn't just a tool, but a collaborator.
Business Insider
3 days ago
- Business Insider
The future of AI might be hiding in a tool you already use every day
Forget chatbots. The future of AI might be hiding in plain sight: your web browser. That's the vision behind Comet, Perplexity's new AI-native browser, and one that a16z partner Olivia Moore believes could reshape how we work online. In her recent deep dive comparing Comet with a similar product called Dia, Moore emphasizes that AI browsers are not just souped-up search engines. They are agents capable of performing complex, multi-step tasks across your digital workspace without switching contexts. Unlike chatbots that require explicit interaction, Comet lives alongside your daily workflow, turning everyday browsing into automated productivity. In a recent YouTube video and X post, Moore highlighted Comet's integration across Gmail, Google Calendar, Drive, and more, enabling real actions such as triaging emails, rescheduling meetings, and completing purchases. Need to rebook a flight, summarize five open tabs, and follow up with a contact? Comet can do it, and remember to nudge you if you forget, according to Moore. This is where Moore thinks Comet shines over Dia: it's not just reactive, it's proactive. It handles recurring tasks, personalizes results, and pushes outputs back to you without needing to navigate into a separate interface and spin up a new project — a limitation of broader AI tools such as ChatGPT and Project Mariner. Still, Moore doesn't count Dia out. Its customizable "Skills" and multi-tab reasoning make it a great assistant for creators and researchers, especially those who like to fine-tune workflows. Ultimately, Moore crowns Comet the better AI browser, but she said that Dia remains her daily driver for personalized workflows. The bigger takeaway? AI browsers like Comet are ushering in a world where software isn't just a tool, but a collaborator. As Moore puts it: "We may finally be there."
Business Wire
4 days ago
- Business Wire
Media Alert: DeepTempo at Black Hat USA 2025, DEF CON 33, and BSides Las Vegas
LAS VEGAS--(BUSINESS WIRE)-- DeepTempo, a pioneer in behavioral threat detection powered by deep learning, will be on the ground at Black Hat USA 2025, DEF CON 33, and BSides Las Vegas. As the cybersecurity landscape evolves with polymorphic and AI-powered threats, DeepTempo's presence will focus on empowering defenders through community, collaboration, and context-rich detection. Join DeepTempo experts for panel discussions and talks starting August 4. Where to Find DeepTempo: Black Hat USA 2025 – Mandalay Bay, Las Vegas Outsiders & Outliers: Security's Superpower Hosted by Polaris Collective, Blue Cycle, and Code Red, Outsiders & Outliers is a curated evening event exploring how underground communities are influencing the future of cybersecurity. Evan Powell, Founder and CEO of DeepTempo, will join the panel 'AI Forging the Shield vs. Sharpening the Sword' to discuss how agentic AI and behavior-based detection are reframing cyber defense in 2025. Additional sessions include a fireside chat on 'The New Face of Vulnerability Management in the Agentic AI Era' and the panel 'AnarchoSec: Bleeding-Edge Innovation from the Margins to the Mainstream.' When: Monday, August 4, 5:00-10:00 PM PDT Where: Punk Rock Museum 1422 Western Ave, Las Vegas, NV 89102 Registration: Code Fast, Fall Hard, Recover Faster: The Security Promise & Pitfalls of Open-Source Acceleration Open source remains one of cybersecurity's greatest enablers. Transparency, collaboration, and peer-reviewed code are core to resilient digital infrastructure. But as development velocity increases, so do risks around complexity, dependency sprawl, and misunderstood trust boundaries. This session explores how CISOs can embrace the power of open source while managing its nuanced security trade-offs, ensuring that speed and openness don't come at the cost of resilience. Speaker: Julie Tsai, Advisor at DeepTempo, Bay Area CSO Council Board Member, Limited Partner at Rain Capital and One Way Ventures, and Founding Member of Professional Association of CISOs When: Wednesday, August 6, 12:05-12:25 PM PDT Where: The AI Stage, Business Hall Registration: Staying Ahead of AI Regulations: What Security Teams Need to Know As AI regulations move at pace around the world, security teams face mounting challenges as they try to balance breakthrough innovation with rock-solid compliance. This discussion will unravel the evolving global rulebook and show how to translate key requirements into your real-world AI pipelines while highlighting retrieval augmented generation (RAG). Attendees will walk away with an AI-powered governance framework that keeps you one step ahead of regulators. Speaker: Brennan Lodge, Fractional CISO at DeepTempo, Founder of Blodgic, and Director of Information Security at Manhattan Institute When: Wednesday, August 6, 4:25-4:45 PM PDT Where: The AI Stage, Business Hall Registration: DEF CON 33 – Las Vegas Convention Center, Las Vegas Blue Team Village – DeepTempo is a proud sponsor! Find DeepTempo at the BTV, where the team will be supporting detection engineers, SOC defenders, and all blue teamers with real-time threat demos and sneak peeks at how our LogLMs are catching what others miss. Keep an eye out for our t-shirts and come talk shop with our engineering team. When: Saturday, August 9-Monday, August 11 Where: West Hall, 2nd Floor Registration: BSides Las Vegas – The Tuscany, Las Vegas RAG Against the Machine: Using Retrieval-Augmented Generation and MCP to Fortify Cybersecurity Defenses As threat actors evolve faster than our security tools, defenders need a new playbook, one that blends explainable AI with real-world cyber context. Enter CADDIE: a Retrieval-Augmented Generation (RAG) engine driven by the Model Context Protocol (MCP) to supercharge SOCs, auditors, and compliance teams. This session will unpack how to use RAG + MCP to inject real-time policy, threat intel, and log data into large language models, enabling automation for tasks like gap analysis, alert triage, and regulatory mapping. Attendees will walk away understanding how to wield GenAI as a precise, compliant tool, not a hallucinating risk vector. Speaker: Brennan Lodge, Fractional CISO at DeepTempo, Founder of Blodgic, and Director of Information Security at Manhattan Institute When: Tuesday, August 5, 3:00 PM PDT Where: Ground Truth Registration: About DeepTempo DeepTempo offers deep-learning-based cybersecurity solutions that safeguard enterprises and service providers against cyberattacks. Leveraging its foundation LogLMs, the company's cybersecurity solutions are on the Snowflake Native App Marketplace and also available for deployment in on-premise security data lakes, helping organizations optimize security spending and enhance operational efficiency while maintaining robust threat protection without lock-ins. To find out more, go to or check out the company's LinkedIn page, YouTube channel, and Medium posts.
