Last week I published a post with the DEF CON 25 presentations, and this time it is the turn of the Black Hat USA 2017 presentations. This is without a doubt first-rate material, and I recommend that you look at least at the presentations that catch your attention:
- Stepping Up Our Game: Re-focusing the Security Community on Defense and Making Security Work for Everyone
- ‘Ghost Telephonist’ Link Hijack Exploitations in 4G LTE CS Fallback
- (in)Security in Building Automation: How to Create Dark Buildings with Light Speed
- A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
- Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
- Adventures in Attacking Wind Farm Control Networks
- All Your SMS & Contacts Belong to ADUPS & Others
- An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
- And Then the Script-Kiddie Said Let There be No Light. Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
- Attacking Encrypted USB Keys the Hard(ware) Way
- Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
- Automated Testing of Crypto Software Using Differential Fuzzing
- AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
- Behind the Plexiglass Curtain: Stats and Stories from the Black Hat NOC
- Betraying the BIOS: Where the Guardians of the BIOS are Failing
- Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game
- Blue Pill for Your Phone
- Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking
- Bot vs. Bot for Evading Machine Learning Malware Detection
- Break
- Breakfast (Sponsored by FireEye McAfee Qualys & Tenable Network Security)
- Breaking Electronic Door Locks Like You’re on CSI: Cyber
- Breaking the Laws of Robotics: Attacking Industrial Robots
- Breaking the x86 Instruction Set
- Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom’s Wi-Fi Chipsets
- Bug Collisions Meet Government Vulnerability Disclosure
- Business Hall Welcome Reception (Sponsored by Forcepoint McAfee LogRhythm & Tenable Network Security)
- Challenges of Cooperation Across Cyberspace
- Champagne Toast (Sponsored by ESET North America Fidelis Cybersecurity Fortinet Leidos Palo Alto Networks Raytheon & Symantec)
- Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
- Coffee Service
- Cracking the Lens: Targeting HTTP’s Hidden Attack-Surface
- Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
- Datacenter Orchestration Security and Insecurity: Assessing Kubernetes Mesos and Docker at Scale
- Defeating Samsung KNOX with Zero Privilege
- Delivering Javascript to World+Dog
- Developing Trust and Gitting Betrayed
- Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
- Don’t Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
- Electronegativity - A Study of Electron Security
- Escalating Insider Threats Using VMware’s API
- Evading Microsoft ATA for Active Directory Domination
- Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
- Evilsploit – A Universal Hardware Hacking Toolkit
- Evolutionary Kernel Fuzzing
- Exploit Kit Cornucopia
- Exploiting Network Printers
- Fad or Future? Getting Past the Bug Bounty Hype
- Fighting Targeted Malware in the Mobile Ecosystem
- Fighting the Previous War (aka: Attacking and Defending in the Era of the Cloud)
- Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
- FlowFuzz - A Framework for Fuzzing OpenFlow-Enabled Software and Hardware Switches
- Fractured Backbone: Breaking Modern OS Defenses with Firmware Attacks
- Free-Fall: Hacking Tesla from Wireless to CAN Bus
- Friday the 13th: JSON Attacks
- Game of Chromes: Owning the Web with Zombie Chrome Extensions
- Garbage In Garbage Out: How Purportedly Great Machine Learning Models can be Screwed Up by Bad Data
- Go Nuclear: Breaking Radiation Monitoring Devices
- Go to Hunt Then Sleep
- Hacking Hardware with a $10 SD Card Reader
- Hacking Serverless Runtimes: Profiling AWS Lambda Azure Functions and More
- Honey I Shrunk the Attack Surface – Adventures in Android Security Hardening
- How We Created the First SHA-1 Collision and What it Means for Hash Security
- Hunting GPS Jammers
- Ice Cream Social (Sponsored by Code42 Software Core Security Cybereason Darktrace F5 Networks iboss Malwarebytes & Optiv Security)
- Ichthyology: Phishing as a Science
- Industroyer/Crashoverride: Zero Things Cool About a Threat Group Targeting the Power Grid
- Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
- Influencing the Market to Improve Security
- Intel AMT Stealth Breakthrough
- Intel SGX Remote Attestation is Not Sufficient
- Intercepting iCloud Keychain
- IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
- kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
- Lies and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
- Lunch Break (Sponsored by Cisco Forcepoint LogRhythm & RSA)
- Many Birds One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
- Mimosa Bar (Sponsored by AlienVault Arbor Networks Carbon Black CrowdStrike Cylance DarkMatter Digital Guardian & IBM)
- Network Automation is Not Your Safe Haven: Protocol Analysis and Vulnerabilities of Autonomic Network
- New Adventures in Spying 3G and 4G Users: Locate Track & Monitor
- Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev
- Offensive Malware Analysis: Dissecting OSX/FruitFly via a Custom C&C Server
- OpenCrypto: Unchaining the JavaCard Ecosystem
- Orange is the New Purple - How and Why to Integrate Development Teams with Red/Blue Teams to Build More Secure Software
- PEIMA: Harnessing Power Laws to Detect Malicious Activities from Denial of Service to Intrusion Detection Traffic Analysis and Beyond
- Practical Tips for Defending Web Applications in the Age of DevOps
- Protecting Pentests: Recommendations for Performing More Secure Tests
- Protecting Visual Assets: Digital Image Counter-Forensics
- Pwnie Awards
- Quantifying Risk in Consumer Software at Scale - Consumer Reports’ Digital Standard
- RBN Reloaded - Amplifying Signals from the Underground
- Real Humans Simulated Attacks: Usability Testing with Attack Scenarios
- Redesigning PKI to Solve Revocation Expiration and Rotation Problems
- Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
- rVMI: A New Paradigm for Full System Analysis
- ShieldFS: The Last Word in Ransomware Resilient File Systems
- Skype & Type: Keystroke Leakage over VoIP
- Smoothie Social (Sponsored by Bromium Proofpoint Inc. Rapid7 SentinelOne Trend Micro Webroot StackPath & Tanium)
- So You Want to Market Your Security Product…
- Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
- Splunking Dark Tools - A Pentesters Guide to Pwnage Visualization
- SS7 Attacker Heaven Turns into Riot: How to Make Nation-State and Intelligence Attackers’ Lives Much Harder on Mobile Networks
- Taking DMA Attacks to the Next Level: How to do Arbitrary Memory Reads/Writes in a Live and Unmodified System Using a Rogue Memory Controller
- Taking Over the World Through MQTT - Aftermath
- Taking Windows 10 Kernel Exploitation to the Next Level – Leveraging Write-What-Where Vulnerabilities in Creators Update
- The Active Directory Botnet
- The Adventures of AV and the Leaky Sandbox
- The Art of Securing 100 Products
- The Avalanche Takedown: Landslide for Law Enforcement
- The Epocholypse 2038: What’s in Store for the Next 20 Years
- The Future of ApplePwn - How to Save Your Money
- The Industrial Revolution of Lateral Movement
- The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
- The Shadow Brokers – Cyber Fear Game-Changers
- They’re Coming for Your Tools: Exploiting Design Flaws for Active Intrusion Prevention
- Tracking Ransomware End to End
- Web Cache Deception Attack
- Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
- What They’re Teaching Kids These Days: Comparing Security Curricula and Accreditations to Industry Needs
- What’s on the Wireless? Automating RF Signal Identification
- When IoT Attacks: Understanding the Safety Risks Associated with Connected Devices
- White Hat Privilege: The Legal Landscape for a Cybersecurity Professional Seeking to Safeguard Sensitive Client Data
- Why Most Cyber Security Training Fails and What We Can Do About it
- WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
- Wire Me Through Machine Learning
- WSUSpendu: How to Hang WSUS Clients
- Zero Days Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
Source: