BlackHatEU 2015 Nov. 10, 2015 to Nov. 13, 2015, amsterdam,netherlands
Tell us about missing data
Tell us about missing data
Title | Speakers | Summary | Topic Types |
---|---|---|---|
WHAT GOT US HERE WONT GET US THERE | Haroon Meer | It's no secret that we have huge challenges in InfoSec: Every day we seem to ... | |
(IN-)SECURITY OF BACKEND-AS-A-SERVICE | Steven Arzt , Siegfried Rasthofer | Smartphone applications frequently need to store data remotely. From a developer's point of view, setting ... | |
A PEEK UNDER THE BLUE COAT | Raphaël Rigo | Blue Coat ProxySG systems are widely deployed in big corporations to handle web traffic proxying ... | |
ALL YOUR ROOT CHECKS BELONG TO US: THE SAD STATE OF ROOT DETECTION | Nathan S. Evans , Azzedine Benameur , Yun Shen | Today, mobile devices are ubiquitous; a facet of everyday life for most people. Due to ... | |
ANDROBUGS FRAMEWORK: AN ANDROID APPLICATION SECURITY VULNERABILITY SCANNER | Yu-cheng Lin | Android developers sometimes make coding mistakes with some of these mistakes leading to serious security ... | |
ATTACKING THE XNU KERNEL IN EL CAPITAIN | Luca Todesco | The XNU kernel powers Apple's operative systems. As their market share grows, exploitation of OS ... | |
AUTHENTICATOR LEAKAGE THROUGH BACKUP CHANNELS ON ANDROID | Guangdong Bai | Security of authentication protocols heavily replies on the confidentiality of credentials (or authenticators) like passwords ... | |
AUTOMATING LINUX MALWARE ANALYSIS USING LIMON SANDBOX | Monnappa K A | A number of devices are running Linux due to its flexibility and open source nature. ... | |
BREAKING ACCESS CONTROLS WITH BLEKEY | Eric Evenchick , Mark Baseggio | RFID access controls are broken. In this talk, we will demonstrate how to break into ... | |
BYPASSING LOCAL WINDOWS AUTHENTICATION TO DEFEAT FULL DISK ENCRYPTION | Ian Haken | In 2007, starting with Windows Vista, Microsoft began shipping a full disk encryption feature named ... | |
BYPASSING SELF-ENCRYPTING DRIVES (SED) IN ENTERPRISE ENVIRONMENTS | Kevvie Fowler , Daniel Boteanu | For years, Full-Disk Encryption (FDE) solutions have been advertised as the "silver bullet" solution to ... | |
COMMIX: DETECTING AND EXPLOITING COMMAND INJECTION FLAWS | Anastasios Stasinopoulos , Christoforos Ntantogian , Christos Xenakis | Command injections are prevalent to any application independently of its operating system that hosts the ... | |
CONTINUOUS INTRUSION: WHY CI TOOLS ARE AN ATTACKERS BEST FRIENDS | Nikhil Mittal | Continuous Integration (CI) tools provide an excellent attack surface due to the no/poor security controls, ... | |
CYBERCRIME IN THE DEEP WEB | Marco ‘embyte’ Balduzzi , Vincenzo Ciancaglini | All content not indexed by traditional web-based search engines is known as the DeepWeb. Wrongly ... | |
CYBERSECURITY FOR OIL AND GAS INDUSTRIES: HOW HACKERS CAN MANIPULATE OIL STOCKS | Alexander mikhailovich Polyakov , Mathieu Geli | The industries most plagued by cyber-attacks are oil and gas. Several attacks against the infrastructure ... | |
DEFENDING AGAINST MALICIOUS APPLICATION COMPATIBILITY SHIMS | Sean Pierce | The Application Compatibility Toolkit (ACT) is an important component of the Microsoft Application Compatibility ecosystem ... | |
EVEN THE LASTPASS WILL BE STOLEN DEAL WITH IT! | Alberto Garcia , Martin Vigo | Password managers have become very popular as a solution to avoid reusing passwords. With that ... | |
EXPLOITING ADOBE FLASH PLAYER IN THE ERA OF CONTROL FLOW GUARD | Francisco Falcon | Adobe Flash Player, one of the most ubiquitous pieces of software, is integrated into the ... | |
FAUX DISK ENCRYPTION: REALITIES OF SECURE STORAGE ON MOBILE DEVICES | Daniel A. Mayer , Drew Suarez | The number of mobile users has recently surpassed the number of desktop users, emphasizing the ... | |
FUZZING ANDROID: A RECIPE FOR UNCOVERING VULNERABILITIES INSIDE SYSTEM COMPONENTS IN ANDROID | Alexandru Blanda | The presentation focuses on a fuzzing approach that can be used to uncover different types ... | |
GOING AUTH THE RAILS ON A CRAZY TRAIN | Jeff Jarmoc , Tomek Rabczak | Rails has a strong foundation in convention over configuration. In this regard, Rails handles a ... | |
HEY MAN HAVE YOU FORGOTTEN TO INITIALIZE YOUR MEMORY? | Yuki Chen , Linan Hao | When the rules for this year's Pwn2Own contest came out, there was only less than ... | |
HIDING IN PLAIN SIGHT - ADVANCES IN MALWARE COVERT COMMUNICATION CHANNELS | Christian Dietrich , Pierre-marc Bureau | Steganography, the art of concealing information in different types of medias, is a very old ... | |
HOW TO BREAK XML ENCRYPTION - AUTOMATICALLY | Juraj Somorovsky | In recent years, XML Encryption has become a target of several new attacks. These attacks ... | |
IMPLEMENTING PRACTICAL ELECTRICAL GLITCHING ATTACKS | Brett Giller | Techniques for glitching attacks are well known, but there is little information on how to ... | |
IS YOUR TIMESPACE SAFE? - TIME AND POSITION SPOOFING OPENSOURCELY | Aimin Pan , Wang Kang , Shuhua Chen | We have found a way to produce GPS spoofing with an extremely low cost SDR ... | |
LESSONS FROM DEFENDING THE INDEFENSIBLE | Marek Majkowski | For the last year, we've been working hard to optimize CloudFlare's infrastructure to survive different ... | |
LOCKNOTE: CONCLUSIONS AND KEY TAKEAWAYS FROM BLACK HAT EUROPE 2015 | Haroon Meer , Jeff ( Dark Tangent ) Moss , Marion Marschalek , Jennifer Savage | At the close of this year's conference, join Black Hat Founder Jeff Moss and members ... | |
LTE & IMSI CATCHER MYTHS | Ravishankar Borgaonkar , N. Asokan , Jean-pierre Seifert , Valtteri Niemi , Altaf Shaik | It is true that LTE (4G) is more secure than its old generations GSM (2G) ... | |
NEW (AND NEWLY-CHANGED) FULLY QUALIFIED DOMAIN NAMES: A VIEW OF WORLDWIDE CHANGES TO THE INTERNETS DNS | Paul A. Vixie | The Domain Name System (DNS) is highly dynamic, and changes to it are continually taking ... | |
NEW TOOL FOR DISCOVERING FLASH PLAYER 0-DAY ATTACKS IN THE WILD FROM VARIOUS CHANNELS | Peter Pi | 2015 is the Year of Flash. Zero day attacks found in 2015 are almost always ... | |
PANEL: WHAT YOU NEED TO KNOW ABOUT THE CHANGING REGULATORY LANDSCAPE IN INFORMATION SECURITY | Vincenzo Iozzo , Halvar Flake , Paul Timmers , Richard Tynan , Marietje Schaake | The past two years have seen an increasing amount of scrutiny of the Information Security ... | |
SELF-DRIVING AND CONNECTED CARS: FOOLING SENSORS AND TRACKING DRIVERS | Jonathan Petit | Automated and connected vehicles are the next evolution in transportation and will improve safety, traffic ... | |
SILENTLY BREAKING ASLR IN THE CLOUD | Mathias Payer , Thomas Gross , Antonio Barresi , Kaveh Razavi | To reduce the memory footprint and to increase the cost-effectiveness of virtual machines (VMs) running ... | |
STEGOSPLOIT - EXPLOIT DELIVERY WITH STEGANOGRAPHY AND POLYGLOTS | Saumil Udayan Shah | "A good exploit is one that is delivered with style." Stegosploit creates a new way ... | |
TRIAGING CRASHES WITH BACKWARD TAINT ANALYSIS FOR ARM ARCHITECTURE | Dongwoo Kim , Sangwho Kim | We have developed a set of tools for analyzing crashes that occur on Linux OS ... | |
UNBOXING THE WHITE-BOX: PRACTICAL ATTACKS AGAINST OBFUSCATED CIPHERS | Job de Haas , Cristofaro Mune , Eloi Sanfelix | White-Box Cryptography (WBC) aims to provide software implementations of cryptographic algorithms that are resistant against ... | |
VOIP WARS: DESTROYING JAR JAR LYNC | Fatih Ozavci | Enterprise companies are increasingly using Microsoft Lync 2010/2013 (a.k.a Skype for Business 2015) services as ... | |
VULNERABILITY EXPLOITATION IN DOCKER CONTAINER ENVIRONMENTS | Anthony Bettini | According to Forrester, 53% of IT respondents say their biggest concern about containers is security. ... | |
WATCHING THE WATCHDOG: PROTECTING KERBEROS AUTHENTICATION WITH NETWORK MONITORING | Michael Cherny , Tal Be'ery | Being the default authentication protocol for Windows-based networks, the Kerberos protocol is a prime target ... |