Ya están disponibles las diapositivas de las presentaciones de la BlackHat USA de esta año, celebrada en el Caesars Palace en Las Vegas entre el 27 de julio y el 1 de agosto.
En esta edición parece que la audiencia ha estado dividida por toda
la polémica relacionada con las filtraciones de la NSA y su programa
Prism. En especial con la presentación de apertura, de la cual también
puedes acceder al vídeo, dada por el General Keith B. Alexander,
director de la agencia de seguridad nacional (NSA).
- Day One Keynote July 31
- A Practical Attack against MDM Solutions
- Above My Pay Grade: Cyber Response at the National Level
- Android: one root to own them all
- BinaryPig – Scalable Malware Analytics in Hadoop
- BIOS Security
- Black-Box Assessment of Pseudorandom Algorithms
- Bugalyze.com – Detecting Bugs Using Decompilation and Data Flow Analysis
- Buying into the Bias: Why Vulnerability Statistics Suck
- Combating the Insider Threat at the FBI: Real World Lessons Learned
- Compromising Industrial Facilities From 40 Miles Away
- CreepyDOL: Cheap, Distributed Stalking
- Defending Networks with Incomplete Information: A Machine Learning Approach
- End-to-End Analysis of a Domain Generating Algorithm Malware Family
- Energy Fraud and Orchestrated Blackouts: Issues with Wireless Metering Protocols (wM-Bus)
- Exploiting Network Surveillance Cameras Like a Hollywood Hacker
- Evading deep inspection for fun and shell
- The Factoring Dead: Preparing for the Cryptopocalypse
- Fully Arbitrary 802.3 Packet Injection: Maximizing the Ethernet Attack Surface
- Funderbolt: Adventures in Thunderbolt DMA Attacks
- Hacking like in the Movies: Visualizing Page Tables for Local Exploitation
- Hacking, Surveilling, and Deceiving victims on Smart TV
- Home Invasion v2.0 – Attacking Network-Controlled Hardware
- Hot Knives Through Butter: Bypassing Automated Analysis Systems
- HOW CVSS is DOSsing YOUR PATCHING POLICY (and wasting your money)
- How to Build a SpyPhone
- How to Grow a TREE (Taint-enabled Reverse Engineering Environment) From CBASS (Cross-platform Binary Automated Symbolic-execution System)
- Hunting the Shadows: In Depth Analysis of Escalated APT Attacks
- Is that a government in your network or are you just happy to see me?
- Java Every-Days: Exploiting Software Running on 3 Billion Devices
- Javascript Static Security Analysis made easy with JSPrime
- Just-In-Time Code Reuse: The more things change, the more they stay the same
- Legal Aspects of Full Spectrum Computer Network (Active) Defense
- Mactans: Injecting Malware into iOS Devices via Malicious Chargers
- Mainframes: The Past Will Come Back to Haunt You
- Maltego Tungsten as a collaborative attack platform
- Multiplexed Wired Attack Surfaces
- OptiROP: hunting for ROP gadgets in style
- Out of Control: Demonstrating SCADA device exploitation
- Owning the Routing Table – Part II
- Pass-The-Hash 2: The Admin’s Revenge
- Pixel Perfect Timing Attacks with HTML5
- Post Exploitation Operations with Cloud Synchronization Services
- Power Analysis Attacks for Cheapskates
- Predicting Susceptibility to Social Bots on Twitter
- Press ROOT to continue: Detecting OSX and Windows bootkits with RDFU
- Revealing Embedded Fingerprints: Deriving intelligence from USB stack interactions
- RFID Hacking: Live Free or RFID Hard
- The SCADA That Didn’t Cry Wolf- Who’s Really Attacking Your ICS Devices- Part Deux!
- Smashing The Font Scaler Engine in Windows Kernel
- SSL, gone in 30 seconds – a BREACH beyond CRIME
- TLS ‘secrets’
- UART THOU MAD?
- Universal DDoS Mitigation Bypass
- USING ONLINE ACTIVITY AS DIGITAL FINGERPRINTS TO CREATE A BETTER SPEAR PHISHER
- Virtual Deobfuscator – a DARPA Cyber Fast Track funded effort
- What’s on the Wire? Physical Layer Tapping with Project Daisho
- With BIGDATA comes BIG responsibility: Practical exploiting of MDX injections
- ‘) UNION SELECT `This_Talk` AS (‘New Optimization and Obfuscation Techniques’)
- Embedded Devices Security and Firmware Reverse Engineering
- JTAGulator: Assisted discovery of on-chip debug interfaces
- Methodologies for Hacking Embedded Security Appliances
- Mo Malware Mo Problems – Cuckoo Sandbox to the rescue
- PDF Attack: A Journey from the Exploit Kit to the shellcode
- Practical Pentesting of ERPs and Business Applications
- Abusing Web APIs Through Scripted Android Applications
- Beyond the Application: Cellular Privacy Regulation Space
- Clickjacking Revisited: A Perceptual View of UI Security
- CMX: IEEE Clean File Metadata Exchange
- CrowdSource: An Open Source, Crowd Trained Machine Learning Model for Malware Capability Detection
- Denial of Service as a Service – asymmetrical warfare at its finest
- Denying service to DDOS protection services
- LTE BOOMS WITH VULNERABILITIES
- Malicious File for Exploiting Forensic Software
- Mobile Malware: Why the traditional AV paradigm is doomed and how to use physics to detect undesirable routines
- New Trends in FastFlux Networks
- OPSEC failures of spies
- Password Hashing: the Future is Now
- Shattering Illusions in Lock-Free Worlds: Compiler/Hardware Behaviors in OSes and VMs
- TOR… ALL-THE-THINGS!
- Truncating TLS Connections to Violate Beliefs in Web Applications
- The Web IS Vulnerable: XSS Defense on the BattleFront
Fuente: http://www.cyberhades.com/
0 Notaciones:
Publicar un comentario