blackhatUS 2016 Aug. 3, 2016 to Aug. 4, 2016, las vegas,usa

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
THE HIDDEN ARCHITECTURE OF OUR TIME: WHY THIS INTERNET WORKED HOW WE COULD LOSE IT AND THE ROLE HACKERS PLAY Dan Kaminsky What we call the Internet, was not our first attempt at making a global data ...
WELCOME & INTRODUCTION TO BLACK HAT USA 2016 Jeff ( Dark Tangent ) Moss N/A
$HELL ON EARTH: FROM BROWSER TO SYSTEM COMPROMISE Joshua Smith , Jasiel Spelman , Matt Molinyawe , Abdul-aziz Hariri The winning submissions to Pwn2Own 2016 provided unprecedented insight into the state of the art ...
1000 WAYS TO DIE IN MOBILE OAUTH Eric yawei Chen , Yuan Tian , Yutong Pei , Patrick Tague , Robert Kotcher OAuth has become a highly influential protocol due to its swift and wide adoption in ...
A JOURNEY FROM JNDI/LDAP MANIPULATION TO REMOTE CODE EXECUTION DREAM LAND Alvaro Muñoz , Oleksandr Mirosh JNDI (Java Naming and Directory Interface) is a Java API that allows clients to discover ...
A LIGHTBULB WORM? Colin O'flynn Could a worm spread through a smart light network? This talk explores the idea, and ...
A RETROSPECTIVE ON THE USE OF EXPORT CRYPTOGRAPHY David Adrian TLS has experienced three major vulnerabilities stemming from "export-grade" cryptography in the last year---FREAK, Logajm, ...
ABUSING BLEEDING EDGE WEB STANDARDS FOR APPSEC GLORY Bryant Zadegan , Ryan Lester Through cooperation between browser vendors and standards bodies in the recent past, numerous standards have ...
ACCESS KEYS WILL KILL YOU BEFORE YOU KILL THE PASSWORD Loic Simon AWS users, whether they are devops in a startup or system administrators tasked with migrating ...
ACCOUNT JUMPING POST INFECTION PERSISTENCY & LATERAL MOVEMENT IN AWS Dan Amiga , Dor Knafo The widespread adoption of AWS as an enterprise platform for storage, computing and services makes ...
ADAPTIVE KERNEL LIVE PATCHING: AN OPEN COLLABORATIVE EFFORT TO AMELIORATE ANDROID N-DAY ROOT EXPLOITS Yulong Zhang , Tao Wei Although 0-day exploits are dangerous, we have to admit that the largest threat for Android ...
ADVANCED CAN INJECTION TECHNIQUES FOR VEHICLE NETWORKS Chris Valasek , Charlie Miller The end goal of a remote attack against a vehicle is physical control, usually by ...
AIRBNBEWARE: SHORT TERM RENTALS LONG TERM PWNAGE Jeremy Galloway What's scarier, letting HD Moore rent your house and use your home network for day ...
AMSI: HOW WINDOWS 10 PLANS TO STOP SCRIPT-BASED ATTACKS AND HOW WELL IT DOES IT Nikhil Mittal In Windows 10, Microsoft introduced the AntiMalware Scan Interface (AMSI) which is designed to target ...
AN AI APPROACH TO MALWARE SIMILARITY ANALYSIS: MAPPING THE MALWARE GENOME WITH A DEEP NEURAL NETWORK Konstantin Berlin In recent years, cyber defenders protecting enterprise networks have started incorporating malware code sharing identification ...
AN INCONVENIENT TRUST: USER ATTITUDES TOWARD SECURITY AND USABILITY TRADEOFFS FOR KEY-DIRECTORY ENCRYPTION SYSTEMS Patrick gage Kelley Many critical communications now take place digitally, but recent revelations demonstrate that these communications can ...
AN INSIDER'S GUIDE TO CYBER-INSURANCE AND SECURITY GUARANTEES Jeremiah Grossman $75 billion. That's the amount of money businesses, governments, and individuals pay every year to ...
ANALYSIS OF THE ATTACK SURFACE OF WINDOWS 10 VIRTUALIZATION-BASED SECURITY Rafal Wojtczuk In Windows 10, Microsoft introduced virtualization-based security (VBS), the set of security solutions based on ...
APPLIED MACHINE LEARNING FOR DATA EXFIL AND OTHER FUN TOPICS Brian Wallace , Matt Wolff , Xuan Zhao Machine learning techniques have been gaining significant traction in a variety of industries in recent ...
ATTACKING SDN INFRASTRUCTURE: ARE WE READY FOR THE NEXT-GEN NETWORKING? Changhoon Yoon , Seungsoo Lee Software-Defined Networking (SDN), by decoupling the control logic from the closed and proprietary implementations of ...
AUGMENTING STATIC ANALYSIS USING PINTOOL: ABLATION Paul Mehta Ablation is a tool built to extract information from a process as it executes. This ...
AVLEAK: FINGERPRINTING ANTIVIRUS EMULATORS FOR ADVANCED MALWARE EVASION Alexei Bulazel AVLeak is a tool for fingerprinting consumer antivirus emulators through automated black box testing. AVLeak ...
BAD FOR ENTERPRISE: ATTACKING BYOD ENTERPRISE MOBILE SECURITY SOLUTIONS Vincent Tan The global market for Bring Your Own Device (BYOD) and enterprise mobility is expected to ...
BADTUNNEL: HOW DO I GET BIG BROTHER POWER? Yang Yu This presentation will introduce a new threat model. Based on this threat model, we found ...
BADWPAD Maxim Goncharov WPAD (Web Proxy Auto Discovery) is a protocol that allows computers to automatically discover Web ...
BEYOND THE MCSE: ACTIVE DIRECTORY FOR THE SECURITY PROFESSIONAL Sean Metcalf Active Directory (AD) is leveraged by 95% of the Fortune 1000 companies for its directory, ...
BLUNTING THE PHISHER'S SPEAR: A RISK-BASED APPROACH FOR DEFINING USER TRAINING AND AWARDING ADMINISTRATIVE PRIVILEGES Arun Vishwanath Solving the "people problem" of cyber security requires us to understand why people fall victim ...
BREAKING FIDO: ARE EXPLOITS IN THERE? Jerrod Chong The state of authentication is in such disarray today that a black hat is no ...
BREAKING HARDWARE-ENFORCED SECURITY WITH HYPERVISORS Joseph Sharkey Hardware-Enforced Security is touted as the panacea solution to many modern computer security challenges. While ...
BREAKING KERNEL ADDRESS SPACE LAYOUT RANDOMIZATION (KASLR) WITH INTEL TSX Taesoo Kim , Yeongjin Jang , Sangho Lee Kernel hardening has been an important topic, as many applications and security mechanisms often consider ...
BREAKING PAYMENT POINTS OF INTERACTION (POI) Nir Valtman , Patrick Watson The payment industry is becoming more driven by security standards. However, the corner stones are ...
BRUTE-FORCING LOCKDOWN HARDDRIVE PIN CODES Colin O'flynn This presentation demonstrates a method of brute-forcing an AES-256 encrypted hard drive by spoofing the ...
BUILDING A PRODUCT SECURITY INCIDENT RESPONSE TEAM: LEARNINGS FROM THE HIVEMIND Kymberlee Price You've received vulnerability reports in your application or product, now what? As a positive, there ...
BUILDING TRUST & ENABLING INNOVATION FOR VOICE ENABLED IOT Lynn Terwoerds Voice enabled technology provides developers with great innovation opportunities as well as risks. The Voice ...
CALL ME: GATHERING THREAT INTELLIGENCE ON TELEPHONY SCAMS TO DETECT FRAUD Aude Marzuoli Robocalling, voice phishing and caller ID spoofing are common cybercrime techniques used to launch scam ...
CAN YOU TRUST ME NOW? AN EXPLORATION INTO THE MOBILE THREAT LANDSCAPE Shawn Moyer , Josh m0nk Thomas Before we dive into specific mobile vulnerabilities and talk as if the end times are ...
CANSPY: A PLATFORM FOR AUDITING CAN DEVICES Jonathan-christofer Demay , Arnaud Lebrun In the past few years, several tools have been released allowing hobbyists to connect to ...
CAPTAIN HOOK: PIRATING AVS TO BYPASS EXPLOIT MITIGATIONS Tomer Bitton , Udi Yavo Put a low-level security researcher in front of hooking mechanisms and you get industry-wide vulnerability ...
CAPTURING 0DAY EXPLOITS WITH PERFECTLY PLACED HARDWARE TRAPS Cody Pierce , Matt Fitch The security industry has gone to great lengths to make exploitation more difficult. Yet we ...
CERTIFICATE BYPASS: HIDING AND EXECUTING MALWARE FROM A DIGITALLY SIGNED EXECUTABLE Tom Nipravsky Malware developers are constantly looking for new ways to evade the detection and prevention capabilities ...
CRIPPLING HTTPS WITH UNHOLY PAC Itzik Kotler , Amit Klein You're in a potentially malicious network (free WiFi, guest network, or maybe your own corporate ...
CRUMBLING THE SUPERCOOKIE AND OTHER WAYS THE FCC PROTECTS YOUR INTERNET TRAFFIC Jonathan Mayer , Travis Leblanc You've probably heard of network neutrality. In 2015, the Federal Communications Commission enacted transformative rules ...
CUNNING WITH CNG: SOLICITING SECRETS FROM SCHANNEL Jake Kambic Secure Channel (Schannel) is Microsoft's standard SSL/TLS Library underpinning services like RDP, Outlook, Internet Explorer, ...
CYBER WAR IN PERSPECTIVE: ANALYSIS FROM THE CRISIS IN UKRAINE Kenneth Geers The conflict between Russia and Ukraine appears to have all the ingredients for "cyber war". ...
DANGEROUS HARE: HANGING ATTRIBUTE REFERENCES HAZARDS DUE TO VENDOR CUSTOMIZATION Nan Zhang For the purposes of tailoring the Android to different hardware platforms, countries/regions and other needs, ...
DARK SIDE OF THE DNS FORCE Erik Wu DNS is an essential substrate of the Internet, responsible for translating user-friendly Internet names into ...
DEFENSE AT HYPERSCALE: TECHNOLOGIES AND POLICIES FOR A DEFENSIBLE CYBERSPACE Jason Healey Cyber attackers have had the advantage for decades over defenders but we can and must ...
DEMYSTIFYING THE SECURE ENCLAVE PROCESSOR Tarjei Mandt , David Wang , Mathew solnik The secure enclave processor (SEP) was introduced by Apple as part of the A7 SOC ...
DESIGN APPROACHES FOR SECURITY AUTOMATION Peleus Uhley Organizations often scale at a faster pace than their security teams. Therefore, security teams need ...
DISCOVERING AND EXPLOITING NOVEL SECURITY VULNERABILITIES IN APPLE ZEROCONF Luyi Xing , Xiaolong Bai With the proliferation of portable computing systems such as tablet, smartphone, Internet of Things (IoT), ...
DOES DROPPING USB DRIVES IN PARKING LOTS AND OTHER PLACES REALLY WORK? Elie Bursztein At every Black Hat you will inevitably hear hackers boasting that they can break into ...
DPTRACE: DUAL PURPOSE TRACE FOR EXPLOITABILITY ANALYSIS OF PROGRAM CRASHES Rodrigo Rubira Branco , Rohit Mothe This research focuses on determining the practical exploitability of software issues by means of crash ...
DRONE ATTACKS ON INDUSTRIAL WIRELESS: A NEW FRONT IN CYBER SECURITY Jeff Melrose With new Drone technologies appearing in the consumer space daily, Industrial Plant operators are being ...
DUNGEONS DRAGONS AND SECURITY Tiphaine Romand Latapie The security community knows, the weak link is the human factor - from the project ...
EXPLOITING CURIOSITY AND CONTEXT: HOW TO MAKE PEOPLE CLICK ON A DANGEROUS LINK DESPITE THEIR SECURITY AWARENESS Zinaida Benenson Messages containing links to malware-infected websites represent a serious threat. Although success rates of such ...
GATTACKING BLUETOOTH SMART DEVICES - INTRODUCING A NEW BLE PROXY TOOL Slawomir Jasek Bluetooth Low Energy is probably the most thriving technology implemented recently in all kinds of ...
GREATFET: MAKING GOODFET GREAT AGAIN Michael Ossmann My evil plot began by making small but seemingly helpful contributions to the GoodFET project, ...
HACKING NEXT-GEN ATMS: FROM CAPTURE TO CASHOUT Weston Hecker Over the past year I have worked at understanding and breaking the new methods that ...
HACKPROOFING ORACLE EBUSINESS SUITE David Litchfield A recent security review by David Litchfield of Oracle's eBusiness Suite (fully patched) revealed it ...
HARDENING AWS ENVIRONMENTS AND AUTOMATING INCIDENT RESPONSE FOR AWS COMPROMISES Alex Mccormack , Andrew Krug Incident Response procedures differ in the cloud versus when performed in traditional, on-premise, environments. The ...
HEIST: HTTP ENCRYPTED INFORMATION CAN BE STOLEN THROUGH TCP-WINDOWS Mathy Vanhoef , Tom Van Goethem Over the last few years, a worryingly number of attacks against SSL/TLS and other secure ...
HORSE PILL: A NEW TYPE OF LINUX ROOTKIT Michael Leibowitz What if we took the underlying technical elements of Linux containers and used them for ...
HOW TO BUILD THE IMMUNE SYSTEM FOR THE INTERNET Xiaodun Fang This talk will not bring any new technical discussion on certain security aspect, but will ...
HTTP COOKIE HIJACKING IN THE WILD: SECURITY AND PRIVACY IMPLICATIONS Suphannee Sivakorn , Jason Polakis The widespread demand for online privacy, also fueled by widely-publicized demonstrations of session hijacking attacks ...
HTTP/2 & QUIC - TEACHING GOOD PROTOCOLS TO DO BAD THINGS Catherine (kate) Pearce , Carl Vincent The meteoric rise of SPDY, HTTP/2, and QUIC has gone largely unremarked upon by most ...
I CAME TO DROP BOMBS: AUDITING THE COMPRESSION ALGORITHM WEAPON CACHE Cara Marie A decompression bomb attack is relatively simple to perform --- but can be completely devastating ...
INTO THE CORE - IN-DEPTH EXPLORATION OF WINDOWS 10 IOT CORE Paul Vincent Sabanal The Internet of Things is becoming a reality, and more and more devices are being ...
INTRA-PROCESS MEMORY PROTECTION FOR APPLICATIONS ON ARM AND X86: LEVERAGING THE ELF ABI Sergey Bratus , Julian Bangert , Maxwell Koo Today's software needs to isolate not only processes but the many components *within* a process ...
INVESTIGATING DDOS - ARCHITECTURE ACTORS AND ATTRIBUTION Elliott Peterson , Andre Correa DDOS attack usage has been accelerating, in terms of both attack volume and frequency. Such ...
IRAN'S SOFT-WAR FOR INTERNET DOMINANCE Claudio Guarnieri , Collin Anderson Over the past decade, the Islamic Republic of Iran has been targeted by continual intrusion ...
KEYSTONE ENGINE: NEXT GENERATION ASSEMBLER FRAMEWORK Nguyen Anh Quynh Assembler is an application that compiles a string of assembly code and returns instruction encodings. ...
LANGUAGE PROPERTIES OF PHONE SCAMMERS: CYBERDEFENSE AT THE LEVEL OF THE HUMAN Judith Tabron The prevalence of human interactive components of serious system breaches continues to be a problem ...
MEASURING ADVERSARY COSTS TO EXPLOIT COMMERCIAL SOFTWARE: THE GOVERNMENT-BOOTSTRAPPED NON-PROFIT C.I.T.L. Sarah Zatko , Mudge . Many industries, provide consumers with data about the quality, content, and cost of ownership of ...
MEMORY FORENSICS USING VIRTUAL MACHINE INTROSPECTION FOR CLOUD COMPUTING Tobias Zillner The relocation of systems and services into cloud environments is on the rise. Because of ...
NEXT-GENERATION OF EXPLOIT KIT DETECTION BY BUILDING SIMULATED OBFUSCATORS Tongbo Luo , Xing Jin Recently, driving-by downloads attacks have almost reached epidemic levels, and exploit-kit is the propulsion to ...
NONCE-DISRESPECTING ADVERSARIES: PRACTICAL FORGERY ATTACKS ON GCM IN TLS Philipp Jovanovic , Sean Devlin , Hanno Zauner We investigate nonce-reuse issues with the Galois/Counter Mode (GCM) algorithm as used in TLS. Nonce ...
O-CHECKER: DETECTION OF MALICIOUS DOCUMENTS THROUGH DEVIATION FROM FILE FORMAT SPECIFICATIONS Yuhei Otsubo Documents containing executable files are often used in targeted email attacks in Japan. We examine ...
OSS SECURITY MATURITY: TIME TO PUT ON YOUR BIG BOY PANTS! Jake Kouns , Christine Gadsby Open source software (OSS) usage is on the rise and also continues to be a ...
OUROBOROS: TEARING XEN HYPERVISOR WITH THE SNAKE Shangcong Luan The Xen Project has been a widely used virtualization platform powering some of the largest ...
OVER THE EDGE: SILENTLY OWNING WINDOWS 10'S SECURE BROWSER Herbert Bos , Cristiano Giuffrida , Kaveh Razavi , Erik Bosman Memory deduplication, a well-known technique to reduce the memory footprint across virtual machines, is now ...
PANGU 9 INTERNALS Tielei Wang , Hao Xu , Xiaobo Chen Pangu 9, the first (and only) untethered jailbreak tool for iOS 9, exploited a sequence ...
PAY NO ATTENTION TO THAT HACKER BEHIND THE CURTAIN: A LOOK INSIDE THE BLACK HAT NETWORK Neil Wyler , Bart Stump Each year thousands of security professionals answer the siren song of Black Hat USA. They ...
PINDEMONIUM: A DBI-BASED GENERIC UNPACKER FOR WINDOWS EXECUTABLE Sebastiano Mariani , Lorenzo Fontana Nowadays malware authors employ multiple obfuscation and packing techniques to hinder the process of reverse ...
PLC-BLASTER: A WORM LIVING SOLELY IN THE PLC Ralf Spenneberg , Hendrik Schwartke , Maik Brüggemann We will present and demonstrate the first PLC only worm. Our PLC worm will scan ...
PWNING YOUR JAVA MESSAGING WITH DESERIALIZATION VULNERABILITIES Matthias Kaiser Messaging can be found everywhere. It's used by your favourite Mobile Messenger as well as ...
RECOVER A RSA PRIVATE KEY FROM A TLS SESSION WITH PERFECT FORWARD SECRECY Marco Ortisi They always taught us that the only thing that can be pulled out from a ...
SAMSUNG PAY: TOKENIZED NUMBERS FLAWS AND ISSUES Salvador Mendoza Samsung announced many layers of security to its Pay app. Without storing or sharing any ...
SECURE PENETRATION TESTING OPERATIONS: DEMONSTRATED WEAKNESSES IN LEARNING MATERIAL AND TOOLS Wesley Mcgrew Following previous presentations on the dangers penetration testers face in using current off-the-shelf tools and ...
SECURITY THROUGH DESIGN - MAKING SECURITY BETTER BY DESIGNING FOR PEOPLE Jelle Niemantsverdriet In this session we will explore why certain devices, pieces of software or companies lead ...
SGX SECURE ENCLAVES IN PRACTICE: SECURITY AND CRYPTO REVIEW Jean-Philippe Aumasson , Luis Merino Software Guard Extensions (SGX) is a technology available in Intel(R) CPUs released in autumn 2015. ...
SIDE-CHANNEL ATTACKS ON EVERYDAY APPLICATIONS Taylor Hornby In 2013, Yuval Yarom and Katrina Falkner discovered the FLUSH+RELOAD L3 cache side-channel. So far ...
SUBVERTING APPLE GRAPHICS: PRACTICAL APPROACHES TO REMOTELY GAINING ROOT Liang Chen , Marco Grassi , Yubin Fu , Qidan He Apple graphics, both the userland and the kernel components, are reachable from most of the ...
TCP INJECTION ATTACKS IN THE WILD - A LARGE SCALE STUDY Gabi Nakibly In this work we present a massively large-scale survey of Internet traffic that studies the ...
THE ART OF DEFENSE - HOW VULNERABILITIES HELP SHAPE SECURITY FEATURES AND MITIGATIONS IN ANDROID Nick Kralevich Information security is ever evolving, and Android's security posture is no different. Android users faces ...
THE ART OF REVERSE ENGINEERING FLASH EXPLOITS Jeong wook Oh Adobe Flash is one of the battlegrounds of exploit and mitigation methods. As most of ...
THE BEAST WITHIN - EVADING DYNAMIC MALWARE ANALYSIS USING MICROSOFT COM Ralf Hund Microsoft Common Object Model (COM) is a technology for providing a binary programming interface for ...
THE LINUX KERNEL HIDDEN INSIDE WINDOWS 10 Alex Ionescu Initially known as "Project Astoria" and delivered in beta builds of Windows 10 Threshold 2 ...
THE REMOTE MALICIOUS BUTLER DID IT! Tal Be'ery , Chaim Hoch An Evil Maid attack is a security exploit that targets a computing device that has ...
THE RISK FROM POWER LINES: HOW TO SNIFF THE G3 AND PRIME DATA AND DETECT THE INTERFERE ATTACK Lei Ji , Yunding Jian Power line communication (PLC) is a kind of communication technology which uses the power line ...
THE TAO OF HARDWARE THE TE OF IMPLANTS Joe Fitzpatrick Embedded, IOT, and ICS devices tend to be things we can pick up, see, and ...
THE YEAR IN FLASH Natalie Silvanovich Adobe Flash continues to be a popular target for attackers in the wild. As an ...
TIMING ATTACKS HAVE NEVER BEEN SO PRACTICAL: ADVANCED CROSS-SITE SEARCH ATTACKS Nethanel Gelernter Cross-site search (XS-search) is a practical timing side-channel attack that allows the extraction of sensitive ...
TOWARDS A HOLISTIC APPROACH IN BUILDING INTELLIGENCE TO FIGHT CRIMEWARE Dhia Mahjoub , Thomas Mathew , Mykhailo Sakaly To defeat your adversaries, it is crucial to understand how they operate and to develop ...
UNDERSTANDING HL7 2.X STANDARDS PEN TESTING AND DEFENDING HL7 2.X MESSAGES Anirudh Duggal Health Level-7 or HL7 refers to a set of international standards for transfer of clinical ...
UNLEASH THE INFECTION MONKEY: A MODERN ALTERNATIVE TO PEN-TESTS Ofri Ziv Security breaches never happen exactly the way you expected or planned for. Yet an organization's ...
USING AN EXPANDED CYBER KILL CHAIN MODEL TO INCREASE ATTACK RESILIENCY Sean Malone The Cyber Kill Chain model provides a framework for understanding how an adversary breaches the ...
USING EMET TO DISABLE EMET Abdulellah Alsaheel , Raghav Pande Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a project that adds security mitigations to user ...
USING UNDOCUMENTED CPU BEHAVIOR TO SEE INTO KERNEL MODE AND BREAK KASLR IN THE PROCESS Anders Fogh , Daniel Gruss Typically, hackers focus on software bugs to find vulnerabilities in the trust model of computers. ...
VIRAL VIDEO - EXPLOITING SSRF IN VIDEO CONVERTERS Nikolay Ermishkin , Maxim Andreev Many web applications allow users to upload video - video/image hostings, cloud storages, social networks, ...
VOIP WARS: THE PHREAKERS AWAKEN Fatih Ozavci Larger organisations are using VoIP within their commercial services and corporate communications and the take ...
WATCHING COMMODITY MALWARE GET SOLD TO A TARGETED ACTOR Israel Barak Detected breaches are often classified by security operation centers and incident response teams as either ...
WEAPONIZING DATA SCIENCE FOR SOCIAL ENGINEERING: AUTOMATED E2E SPEAR PHISHING ON TWITTER John Seymour , Philip Tully Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification ...
WEB APPLICATION FIREWALLS: ANALYSIS OF DETECTION LOGIC Vladimir Ivanov The presentation will highlight the core of Web Application Firewall (WAF): detection logic, with an ...
WHAT'S THE DFIRENCE FOR ICS? Chris Sistrunk , Josh Triplett Digital Forensics and Incident Response (DFIR) for IT systems has been around quite a while, ...
WHEN GOVERNMENTS ATTACK: STATE SPONSORED MALWARE ATTACKS AGAINST ACTIVISTS LAWYERS AND JOURNALISTS Eva Galperin , Cooper Quintin Targeted malware campaigns against Activists, Lawyers and journalists are becoming extremely commonplace. These attacks range ...
WHEN THE COPS COME A-KNOCKING: HANDLING TECHNICAL ASSISTANCE DEMANDS FROM LAW ENFORCEMENT Jennifer Granick , Riana Pfefferkorn What kind of surveillance assistance can the U.S. government force companies to provide? This issue ...
WINDOWS 10 MITIGATION IMPROVEMENTS David Weston , Matt Miller Continuous improvements have been made to Windows and other Microsoft products over the past decade ...
WINDOWS 10 SEGMENT HEAP INTERNALS Mark Vincent Yason Introduced in Windows 10, Segment Heap is the native heap used in Windows app (formerly ...