Blackhat Europe 2012 March 14, 2012 to March 16, 2012, Amsterdam, The Netherlands
Tell us about missing data
Tell us about missing data
Title | Speakers | Summary | Topic Types |
---|---|---|---|
KEYNOTE:Yet Another Look at the State of Security | Whitfield Diffie | Every day brings another sobering manifestation of cyber-insecurity and another prediction of doom from the ... | Security |
An Attacker's Day into Virology: Human vs Computer | Axelle Apvrille , Guillaume Lovet | "Computer virology bares such a strong resemblance with Human virology that both worlds have often ... | |
Opcodes Database Revival (or Why I Prefer to Collect jmp ESP Than Pokemons) | Jerome Athias | "The Opcode Database is an important resource for writers of new exploits. Buffer overflow exploits ... | Security |
Attacking IPv6 Implementation Using Fragmentation | Antonios Atlasis | IP fragmentation attacks is not a new issue. There are many publications regarding their exploitation ... | Security |
War Texting: Weaponizing Machine to Machine Systems | Don Bailey | "Devices have been attached to the telephone network for years. Typically, we think of these ... | Security |
Finding Needles in Haystacks (The Size of Countries) | Michael Baker | "The lament of security analysts is often a limitation in the amount of data they ... | Security |
FYI: You've Got LFI | Tal Be'ery | "RFI/ LFI attacks are a favorite choice for hackers. Why? A successful attack allows the ... | Security |
"Secure Password Managers" and "Military-Grade Encryption" on Smartphones: Oh Really? | Dmitry Sklyarov , Andrey Belenko | The task of providing privacy and data confidentiality with mobile applications becomes more and more ... | |
HDMI - Hacking Displays Made Interesting | Andy Davis | Picture this scene, which happens thousands of times every day all around the world: Someone ... | Security |
Beyond Scanning: Automating Web Application Security Tests | Stephen de Vries | Two new trends in web integration testing provide fresh tools to automate business logic and ... | Security |
The Heavy Metal That Poisoned the Droid | Tyrone Erasmus | "The widely publicised malware on the Android Marketplace relies on the fact that users do ... | Security |
The Mobile Exploit Intelligence Project | Dan Guido , Mike Arpaia | "As organizations look to deploy larger numbers of mobile devices over this year, there is ... | |
One-byte Modification for Breaking Memory Forensic Analysis | Takahiro Haruyama , Hiroshi Suzuki | "Memory forensics is an effective technique to detect malwares quickly or extract sensitive user data ... | |
Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices | Marcia Hofmann , Seth Schoen | A series of unfortunate court decisions allows border agents to search travelers\' laptops, mobile phones, ... | |
A Sandbox Odyssey | Vincenzo Iozzo | In this talk the App Sandboxing technology will be dissected to understand what are the ... | Security |
SSL/TLS Interception Proxies and Transitive Trust | Jeff Jarmoc | SSL/TLS is entrusted with securing many of the communications services we take for granted in ... | Security |
CANAPE: Bytes Your Bits | Michael Jordon , James Forshaw | Testing and exploiting binary network protocols can be both complex and time consuming. More often ... | |
GDI Font Fuzzing in Windows Kernel For Fun | Ling chuan Lee , Chan lee Yee | "There are different types of font available within Windows and two groups of categories exist: ... | |
Apple vs. Google Client Platforms | Felix ( FX ) Lindner | We will discuss the two different approaches Apple and Google take for the client platforms ... | Security |
An Assortment of Database Goodies | David Litchfield | This talk will look at a mixed bag of security weaknesses in the Oracle database ... | Security |
Drop It Like It's Hotspot: Hacking Mifi Routers For Nefarious Purposes | Steve Lord | "Many people (Steve included until recently) hold the opinion that the little black boxes you ... | Security |
Offensive Threat Modeling for Attackers: Turning Threat Modeling on its Head | Rafal Los , Shane Macdougall | Modern threat modeling is a defensive response to understanding a threat so as to prepare ... | |
Breeding Sandworms: How To Fuzz Your Way Out of Adobe Reader's Sandbox | Zhenhua Liu , Guillaume Lovet | "Adobe's interpretation of sandboxing is called Adobe Reader X Protected Mode. Inspired by Microsoft's Practical ... | |
Secure in 2010? Broken in 2011! | Matias Madou | In 2010, a security research firm stumbled on a couple of vulnerabilities in Apache OFBiz, ... | Security |
The Pwnage Saga Continues | Nikhil Mittal | "When Kautilya was being written, only one thing was thought of: utter pwnage. Operating Systems ... | Security |
Cyber-Attacks & SAP systems: Is Our Business-Critical Infrastructure Exposed? | Mariano Croce | Global Fortune 1000 companies, large governmental organizations and defense entities have something in common: they ... | Security |
Preventing "Oh Shit!" Moments for 20 Euros or Less | Philip Polstra | This presentation will discuss the use of microcontrollers in computer security and forensics. In particular, ... | Security |
Issues with Embedded Device Disclosures: Helping the Vendors and Recognizing the End-Users | Jerome Radcliffe | Computer security research often focuses on the disclosure of vulnerabilities in traditional computing devices, such ... | Security |
36 Views of Cyberspace | Damir Rajnovic | The word "cyberspace" is today used in many contexts but it is not always clear ... | Security |
All Your Calls Are Still Belong to Us: How We Compromised the Cisco VoIP Crypto Ecosystem | Enno Rey , Daniel Mende | Modern "Enterprise" VoIP solutions are complex beasts. They usually encompass application servers (e.g. for mailboxes ... | |
The IETF & The Future of Security Protocols: All The Signal, None of the Noise | Tom Ritter | "The IETF meets in person three times a year and publishes dozens of standards - ... | Security |
Smartphone's Apps Are Not That Smart: Insecure Development Practices | Simon Roses Femerling | Mobile Apps is a growing business with thousands of applications to choose from across the ... | Security |
Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis | Paul Royal | "The detection of malware analysis environments has become popular and commoditized. Detection techniques previously reserved ... | Security |
IVR Security- Internal Network Attack via Phone Lines | Rahul Sasi | The following research is on IVR (Interactive Voice Response) systems which are currently used in ... | Security |
Dissecting Smart Meters | Justin Searle | "The Smart Grid brings greater benefits for electric utilities and customer alike, however these benefits ... | Security |
HTML5 Top 10 Threats: Stealth Attacks and Silent Exploits | Shreeraj Shah | "HTML5 is an emerging stack for next generation applications. HTML5 is enhancing browser capabilities and ... | Security |
Hacking XPATH 2.0 | Sumit "sid" Siddharth , Tom Forbes | The presentation will discuss the vulnerability XPATH Injection in depth and we will cover advanced ... | |
Lotus Domino: Penetration Through the Controller | Alexey Sintsov | In the talk an overview of some ways to break Lotus through the Domino Controller ... | Security |
Malicious PDF Analysis | Didier Stevens | This workshop will teach you the fundamentals you need to know to analyze (malicious) PDF ... | Security |
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces | Ben Williams | After a thorough examination of a number of common Security Gateway products over the past ... | Security |
Data Mining a Mountain of Zero Day Vulnerabilities | Chris Wysopal | Every day, software developers around the world, from Bangalore to Silicon Valley, churn out millions ... | Security |
The Kelihos Botnet | Kyle Yang | Kelihos is still alive, building its p2p infrastructure and sending spam. It quickly evolves after ... | Security |
Workshop: Understanding Botnets By Building One | Ken Baylor | Financial botnets are a major threat to the global Financial Infrastructure. Other botnets threaten our ... | Security |
Workshop: Mobile Network Forensics | Eric Fulton | "Intentionally or not, your phone leaks data to the world. What can you-- or your ... | Security |
Workshop: Teensy Programming for Everyone | Nikhil Mittal | Breaking into systems is getting harder by day using traditional methods. As a penetration tester ... | Security |