ZeroNights 2014 Nov. 13, 2014 to Nov. 14, 2014, moscow,russia

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote: Is infosec a game? Alexander Peslyak Yesterday infosec was such an easy game to play. Now we need a place to ...
Project Heapbleed Patroklos Argyroudis Heap related bugs (such as buffer overflows, use-after-frees, dangling/stale pointers, double frees) leading to corruptions ...
Chip reversing Dmitry Nedospasov Everyone has heard about software vulnerabilities, but only a few are familiar with chip vulnerabilities. ...
Crypto coding v2 Jean-Philippe Aumasson 2014 has seen epic failures of crypto implementations, new projects created in reaction to those ...
Hardware assisted virtualization in AV software Peter Kamensky AV software strives to become more and more advanced and secure. So, unsurprisingly, the vendors ...
Hunting for top bounties Nicolas Gregoire After one of these stupid bets, I had to look at bug bounty programs. I ...
Fuzzer of the state - evolutionary black-box fuzzing Fabien Duchene Fuzzing is the automatic creation and evaluation of inputs for discovering vulnerabilities. Traditional undirected black-box ...
Racing with Droids Peter Hlavaty In the past few years, the bar for exploitation was raised highly, and in the ...
EMET 5.0 – armor or curtain? René Freingruber EMET (Enhanced Mitigation Experience Toolkit) is an application which can be used to further harden ...
Steroids for your App Security assessments Marco Grassi In this talk we will put our skills in apps security assessment on Steroids. We ...
De-anonymization and total espionage Dmitry Boomov This talk is dedicated to de-anonymizing active Internet users. We will give a hands-on demonstration ...
Deobfuscation and beyond Dmitry Schelkunov , Vasily Bukasov We'll speak about obfuscation techniques which commercial (and not only) obfuscators use and how symbolic ...
Your Q is my Q Georgi Geshev Message Queueing concepts are well established in enterprise environments which are already known to be ...
4x4G: from SIM to GGSN Alexey Osipov , Timur Yunusov , Kirill Nesterov Spring came to a certain country and brought the urge to compile in nature’s lap ...
Unexpected expected exception: think different about web-related vulnerabilities Ivan Novikov This talk reviews the logic and design vulnerabilities of web applications which exist because of ...
How to *really* piss off the surveillance state with your privacy tool Jake Mcginty For the first time at a hacker con, we’ll combine psychology, cryptography and political/technical evidence ...
DTM components: shadow keys to the ICS kingdom Alexander Bolshev , Gleb Cherbov , Svetlana Cherkasova Today, industrial control system architectures are complex, multilayered networks, based on many popular (now and ...
Non-cryptographic research of orthodox cryptographic media, or How we tested the security of key data storage on tokens… Sergey Soldatov , Mikhail Egorov Special cryptographic devices are traditionally used to store encryption keys securely: hardware USB or smart ...
The past, the present and the future of software exploitation techniques Nikita Tarakanov It began with lame stack-based buffer overflows. Then DEP/NX appeared, that should raise the bar. ...
Miniaturization (Fitting a full process control attack into a small microcontroller) Jason Larsen Many papers have discussed hacking into a process control system. Very few papers talk about ...