BlueHatIL 2019 Feb. 6, 2019 to Feb. 7, 2019, Tel Aviv, Israel

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
The AMDFlaws Story: Technical Deep Dive Ido Farkas On March 2018 CTS Labs published an advisory informing the public about the existence of ...
Supply Chain Security: "If I were a Nation State...” Andrew "bunnie" Huang Where did your computer come from? How many hands could have touched your machine before ...
Hardening Secure Boot on Embedded Devices for Hostile Environments Niek Timmers , Albert Mune Secure boot is essential for secure embedded devices to prevent malicious actors from obtaining persistent ...
The Things That Lurk in the Shadows Costin Raiu Looking at the discussions and development of sophisticated attack techniques, it is immediately obvious there ...
Transmogrifying Other People's Marketing into Threat Hunting Treasures Using Machine Learning Magic Bhavna Soman As the practice of threat intelligence has matured, machine readable feeds from home-grown OSINT systems ...
You (dis)liked mimikatz? Wait for kekeo Benjamin Delpy (@gentilkiwi) For years, you’ve tried to fight mimikatz, first to understand it, and maybe fight it ...
Bridging Emulation and the Real World with the Nintendo Game Boy Or Pinchasof ​Nintendo's Game Boy Advance is a superb embedded system for homebrew development. It has well ...
Practical Uses for Hardware-assisted Memory Visualization Ulf Frisk In this talk, we will explain and demo state-of-the-art hardware-assisted memory visualization and analysis. This ...
Keynote: Offenses in Cyber Offense John Scott Railton , Bill Satter N/A
Modern Day Hypnosis: Weaponizing Data to Influence the Public Christopher Wylie N/A
Attacking Edge Through the JavaScript Just-In-Time Compiler Bruno Keith While memory safety mitigations have drastically increased the difficulty of exploiting memory corruption bugs in ...
Trends, Challenges, and Strategic Shifts in the Software Vulnerability Mitigation Landscape Matt Miller The software vulnerability landscape has changed dramatically over the past 20+ years. During this period, ...
No Code No Crime: UPnP as an Off-the-Shelf Attacker's Toolkit X0rz Given the rise of exposed IoT and home routers, UPnP is quite an interesting attack ...
Who’s Watching the Watchdog? Uncovering a Privilege Escalation Vulnerability in OEM Driver Amit Rapaport With Microsoft continuously improving kernel mitigations and raising the exploitation bar for native kernel components, ...
PE-sieve: An Open-Source Process Scanner for Hunting and Unpacking Malware Hasherezade Most malware performs code injection into other processes. Typical reasons behind it are process impersonation, ...
Postscript Pat and His Black and White Hat Steven Seeley This talk details the approach taken to target Postscript engines (Adobe Distiller & Ghostscript) for ...
Make Static Instrumentation Great Again: High Performance Fuzzing for Windows System Lucas Leong AFL is a famous and successful feedback-driven fuzzer, originally developed for Linux targets. To increase ...
Life as an iOS Attacker Luca Todesco (@qwertyoruiop) As mitigations keep rolling in, the complexity of attacking iOS keeps growing. We will look ...