HackInTheBox 2014 May 29, 2014 to May 30, 2014, Amsterdam,Netherlands
Tell us about missing data
Tell us about missing data
| Title | Speakers | Summary | Topic Types |
|---|---|---|---|
| KEYNOTE 1: Security at the End of the Universe | Katie Moussouris | All the firewalls have been configured. All the IDS and AV signatures have been updated. ... | |
| KEYNOTE 2: Building a Strategic Defense Against the Global Threat Landscape | Kristin Lovejoy | Cyber threats have become a boardroom agenda and significant technical concern for many companies today, ... | |
| AIS Exposed: New Vulnerabilities and Attacks | Alessandro Pasta , Marco ‘embyte’ Balduzzi | AIS, Automatic Identification System, is a promoted standard and implementation for vessels traffic safety and ... | |
| Setup for Failure: More Ways to Defeat SecureBoot | Xeno Kovah , Corey Kallenberg , John Butterworth , Sam Cornwell | Over the past year, a number of BIOS security issues have come to light. And ... | |
| Vulnerabilities Exposed at the Protocol Level in TN3270-based Applications | Dominic White | Mainframe “green screen” applications are often accessed remotely over TCP/IP networks through the use of ... | IncludeThinkstScapes |
| Harder, Better, Faster Fuzzer: Advances in BlackBox Evolutionary Fuzzing | Fabien Duchene | Fuzzing (aka Fuzz-Testing) consists of automatically creating and evaluating inputs towards discovering vulnerabilities. Traditional undirected ... | |
| XSSing Your Way to Shell | Hans-michael Varbaek | Cross-Site Scripting isn’t new, but there is generally a large belief among vendors, corporations and ... | |
| The NSA Playset | Michael Ossmann | The leaked pages from the ANT catalog have given us unprecedented insight into the capabilities ... | |
| State of the ART: Exploring the New Android KitKat Runtime | Paul Vincent Sabanal | Android KitKat introduced a new experimental runtime virtual machine called ART which features ahead-of-time compilation ... | |
| Sniffing the Airwaves with RTL-SDR | Yashin Mehaboobe | Radio communication is one of those areas in which most solutions use security through obscurity. ... | |
| Hacking Your Cable TV Network: Die Hard Style | Rahul Sasi | Ever since I started with computers and hacking, I was fascinated with the idea of ... | |
| LOL (Layers On Layers) – Bypassing Endpoint Security for Fun and Profit | Rafal Wojtczuk , Rahul Kashyap | Over the past many years, there’ve been a plethora of security solutions available for Windows-based ... | |
| Legacy Sandboxing: Escaping IE11 Enhanced Protected Mode | James Forshaw | In June 2013 Microsoft started the first of their new bug-bounty programs, focusing on finding ... | IncludeThinkstScapes |
| Reloading Java Exploits: Long Live Old JRE! | Donato Ferrante , Luigi Auriemma | With the new releases of the Java Runtime, Oracle is trying to raise the level ... | |
| Exploiting NoSQL Like Never Before | Francis Alexander | With the rise of NoSQL databases,more and more corporates as well as end users have ... | IncludeThinkstScapes |
| Compromise-as-a-Service: Our PleAZURE | Enno Rey , Matthias Luft , Felix Wilhelm | This could have be a comprehensive introduction about the ubiquity of virtualization, the essential role ... | |
| REboot: Bootkits Revisited | Samuel Chevet | The first public bootkit POC was the BootRoot project presented by Derek Soeder at BlackHat ... | |
| CLOSING KEYNOTE: Cyber Security: Creation or Evolution | Mischel Kwon | An examination of Cybersecurity over the past 30 years. Where did this begin, where are ... | |
| KEYNOTE 3: Behind the Crosswire | Pamela Fusco | The mere existence of uncertainty alters decisions and outcomes. We are faced with making choices ... | |
| KEYNOTE 4: Hack It Forward | Jennifer Steffens | Thirty years ago, movies like War Games and The Manhattan Project inspired legions of digital ... | |
| Alice’s Adventures in Smart Building Land – Novel Adventures in a Cyber Physical Environment | Sebastian Szlosarczyk , Steffen Wendzel | Building automation systems (BAS) are IT components integrated in and capable to control and monitor ... | |
| Exploring and Exploiting iOS Web Browsers | Lukasz Pilorz , Marek Zmyslowski | In 2013, market share of mobile browsers in web traffic exceeded 20% and is constantly ... | |
| Exploit Development for New Platforms Based on 64-bits | Juan Sacco | Since every single CPU being sold in the last few years is 64 bits, it’s ... | |
| Scalable Network Recon: Why Port Scans are for Pussies | Fred Raynal , Adrien Guinet | Scanning the Internet is not a new topic. It has been done since forever and ... | |
| Bitcoin Forensics: Fact or Fiction? | Neyolov Evgeny | Bitcoin was one of the hottest topics of the past year. It is decentralized virtual ... | |
| JS Suicide: Using Javascript Security Features to Kill Itself | Ahamed Nafeez | JavaScript today has a presence in almost every single website across the Internet. Aggressive research ... | |
| On Her Majesty’s Secret Service: GRX and a Spy Agency | Rob Kuiters , Stephen Kho | GPRS Roaming eXchange (GRX) has been in mainstream media recently as part of the high ... | |
| Breaking Cloud Isolation | Ivan Novikov | This presentation consists of practical cases with examples of how to break different isolation mechanisms ... | |
| Tintorera: Attack Surface Intelligence of Source Code | Simon Roses | Software gets more complex by the minute, in many cases with millions of line of ... | |
| Exploiting Passbook to Fly For Free | Anthony Hariton | A lot of concerns arise about modern civil aviation by the day. From sophisticated hardware ... | |
| In the Middle of Printers: The (In)Security of Pull Printing Solutions | Jakub Kaluzny | Big corporations and financial institutions need secure pull printing services which guarantee proper encryption, data ... | |
| G-Jacking AppEngine-based Applications | Nicolas Collignon , Samir Megueddem | Cloud, SaaS, PaaS, IaaS… these buzzwords often mean obscure black boxes. Among all the offers, ... | |
| Shellcodes for ARM: Your Pills Don’t Work on Me, x86 | Svetlana Gaivoronski , Ivan Petrov | Despite that it is almost 2014, the problem of shellcode detection, discovered in 1999, is ... | |
| FRODO: Format Reverser of Data Objects | Anton Dorfman | All software works with data: receives input, processes it, and returns output. Understanding the data ... |