BlackHatAsia 2016 March 29, 2016 to March 1, 2016, marina bay,singapore

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
DEVALUING ATTACK: DISINCENTIVIZING THREATS AGAINST THE NEXT BILLION DEVICES Dino Dai Zovi Cyberattacks are not like natural disasters or other forces of nature, nor are they like ...
A NEW CVE-2015-0057 EXPLOIT TECHNOLOGY Yu Wang February 10, 2015, Patch Tuesday - Microsoft corporation pushed many system-level patches including CVE-2015-0057/MS15-010. On ...
ANDROID COMMERCIAL SPYWARE DISEASE AND MEDICATION Mustafa Saad Android-based smartphones are gaining significant advantages on its counterparts in terms of market share among ...
AUTOMATED DETECTION OF FIREFOX EXTENSION-REUSE VULNERABILITIES William Robertson , Ahmet Buyukkayhan Major web browsers provide extension mechanisms that allow third parties to modify the browser's behavior, ...
AUTOMATED DYNAMIC FIRMWARE ANALYSIS AT SCALE: A CASE STUDY ON EMBEDDED WEB INTERFACES Andrei Costin Embedded devices are becoming more widespread, interconnected, and web-enabled than ever. However, recent studies showed ...
BREAK OUT OF THE TRUMAN SHOW: ACTIVE DETECTION AND ESCAPE OF DYNAMIC BINARY INSTRUMENTATION Xiaoning Li , Ke Sun Dynamic Binary Instrumentation (DBI) is an important and powerful technique to analyze runtime code behaviors ...
BYPASSING BROWSER SECURITY POLICIES FOR FUN AND PROFIT Rafay Baloch Mobile browsers in comparison to desktop browsers are relatively new and have not gone under ...
CANTACT: AN OPEN TOOL FOR AUTOMOTIVE EXPLOITATION Eric Evenchick Controller Area Network (CAN) remains the leading protocol for networking automotive controllers. Access to CAN ...
DSCOMPROMISED: A WINDOWS DSC ATTACK FRAMEWORK Ryan Kazanciyan , Matt Hastings DSCompromised is a PowerShell-based toolkit that leverages Windows Desired State Configuration (DSC) for command-and-control, malware ...
ENTERPRISE APPS: BYPASSING THE IOS GATEKEEPER Ohad Bobrov , Avi Bashan A critical component of Apple's security model is how the App Store serves as gatekeeper ...
EXPLOITING LINUX AND PAX ASLR'S WEAKNESSES ON 32-BIT AND 64-BIT SYSTEMS Hector Marco-gisbert , Ismael Ripoll In this work, we present four weaknesses in current Linux and PaX ASLR design and ...
HACKING A PROFESSIONAL DRONE Nils Rodday Professional drones are now actively used across various industries (for example utility companies, law enforcement ...
HEY YOUR PARCEL LOOKS BAD - FUZZING AND EXPLOITING PARCEL-IZATION VULNERABILITIES IN ANDROID Qidan He Binder is the heart of Android IPC and parcel is its blood. Most things in ...
I'M NOT A HUMAN: BREAKING THE GOOGLE RECAPTCHA Iasonas Polakis , Suphannee Sivakorn Since their inception, captchas have been widely used for preventing fraudsters from performing illicit actions. ...
INCIDENT RESPONSE @ SCALE - BUILDING A NEXT GENERATION SOC Omer Cohen When the ratio of security personnel to endpoints/users/customers is so low, managing the amount of ...
LET'S SEE WHAT'S OUT THERE - MAPPING THE WIRELESS IOT Tobias Zillner "Radio... The final IoT frontier. These are the problems of penetration testers. Our continuing mission: ...
LOCKNOTE: CONCLUSIONS AND KEY TAKEAWAYS FROM BLACK HAT ASIA 2016 Jeff ( Dark Tangent ) Moss At the close of this year's conference, join Black Hat Founder Jeff Moss and members ...
MULTIVARIATE SOLUTIONS TO EMERGING PASSIVE DNS CHALLENGES Paul A. Vixie These days, most threat intelligence analysts know how to use passive DNS to pivot on ...
NEVER TRUST YOUR INPUTS: CAUSING 'CATASTROPHIC PHYSICAL CONSEQUENCES' FROM THE SENSOR (OR HOW TO FOOL ADC) Alexander Bolshev , Marina Krotofil Our world is analog. Computers are digital. When a microcontroller in an Industrial Control System ...
NUMCHECKER: A SYSTEM APPROACH FOR KERNEL ROOTKIT DETECTION Xueyang Wang , Xiaofei Guo Kernel rootkits are stealthy and can have unrestricted access to system resources. In our talk, ...
PLC-BLASTER: A WORM LIVING SOLELY IN THE PLC Ralf Spenneberg , Hendrik Schwartke , Maik Brueggemann We will present and demonstrate the first PLC only worm. Our PLC worm will scan ...
PRACTICAL NEW DEVELOPMENTS IN THE BREACH ATTACK Dimitris Karakostas , Dionysios Zindros In 2013, BREACH was the sensation of Black Hat USA, introducing a still not mitigated ...
RAPID RADIO REVERSING Michael Ossmann Wireless security researchers have an unprecedented array of tools at their disposal today. Although Software-Defined ...
SU-A-CYDER: HOMEBREWING MALWARE FOR IOS LIKE A B0$$! Chilik Tamir Developing malware for iOS devices has never been easier, so here is a tool to ...
THE KITCHEN'S FINALLY BURNED DOWN: DLP SECURITY BAKEOFF Zach Lanier , Kelly Lum Despite a plethora of data security and protection standards and certifications, companies and their systems ...
THE PERL JAM 2: THE CAMEL STRIKES BACK Netanel Rubin Presenting "The Perl Jam: Exploiting a 20 Year-old Vulnerability" at 31c3 opened a Pandora's Box ...
THE SECURITY WOLF OF WALL STREET: FIGHTING CRIME WITH HIGH-FREQUENCY CLASSIFICATION AND NATURAL LANGUAGE PROCESSING Thibault Reuille , Jeremiah O'connor In a world where threat actors move fast and the Internet evolves in a non-deterministic ...