Blackhat Europe 2012 March 14, 2012 to March 16, 2012, Amsterdam, The Netherlands

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
KEYNOTE:Yet Another Look at the State of Security Whitfield Diffie Every day brings another sobering manifestation of cyber-insecurity and another prediction of doom from the ... Security
An Attacker's Day into Virology: Human vs Computer Axelle Apvrille , Guillaume Lovet "Computer virology bares such a strong resemblance with Human virology that both worlds have often ...
Opcodes Database Revival (or Why I Prefer to Collect jmp ESP Than Pokemons) Jerome Athias "The Opcode Database is an important resource for writers of new exploits. Buffer overflow exploits ... Security
Attacking IPv6 Implementation Using Fragmentation Antonios Atlasis IP fragmentation attacks is not a new issue. There are many publications regarding their exploitation ... Security
War Texting: Weaponizing Machine to Machine Systems Don Bailey "Devices have been attached to the telephone network for years. Typically, we think of these ... Security
Finding Needles in Haystacks (The Size of Countries) Michael Baker "The lament of security analysts is often a limitation in the amount of data they ... Security
FYI: You've Got LFI Tal Be'ery "RFI/ LFI attacks are a favorite choice for hackers. Why? A successful attack allows the ... Security
"Secure Password Managers" and "Military-Grade Encryption" on Smartphones: Oh Really? Dmitry Sklyarov , Andrey Belenko The task of providing privacy and data confidentiality with mobile applications becomes more and more ...
HDMI - Hacking Displays Made Interesting Andy Davis Picture this scene, which happens thousands of times every day all around the world: Someone ... Security
Beyond Scanning: Automating Web Application Security Tests Stephen de Vries Two new trends in web integration testing provide fresh tools to automate business logic and ... Security
The Heavy Metal That Poisoned the Droid Tyrone Erasmus "The widely publicised malware on the Android Marketplace relies on the fact that users do ... Security
The Mobile Exploit Intelligence Project Dan Guido , Mike Arpaia "As organizations look to deploy larger numbers of mobile devices over this year, there is ...
One-byte Modification for Breaking Memory Forensic Analysis Takahiro Haruyama , Hiroshi Suzuki "Memory forensics is an effective technique to detect malwares quickly or extract sensitive user data ...
Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices Marcia Hofmann , Seth Schoen A series of unfortunate court decisions allows border agents to search travelers\' laptops, mobile phones, ...
A Sandbox Odyssey Vincenzo Iozzo In this talk the App Sandboxing technology will be dissected to understand what are the ... Security
SSL/TLS Interception Proxies and Transitive Trust Jeff Jarmoc SSL/TLS is entrusted with securing many of the communications services we take for granted in ... Security
CANAPE: Bytes Your Bits Michael Jordon , James Forshaw Testing and exploiting binary network protocols can be both complex and time consuming. More often ...
GDI Font Fuzzing in Windows Kernel For Fun Ling chuan Lee , Chan lee Yee "There are different types of font available within Windows and two groups of categories exist: ...
Apple vs. Google Client Platforms Felix ( FX ) Lindner We will discuss the two different approaches Apple and Google take for the client platforms ... Security
An Assortment of Database Goodies David Litchfield This talk will look at a mixed bag of security weaknesses in the Oracle database ... Security
Drop It Like It's Hotspot: Hacking Mifi Routers For Nefarious Purposes Steve Lord "Many people (Steve included until recently) hold the opinion that the little black boxes you ... Security
Offensive Threat Modeling for Attackers: Turning Threat Modeling on its Head Rafal Los , Shane Macdougall Modern threat modeling is a defensive response to understanding a threat so as to prepare ...
Breeding Sandworms: How To Fuzz Your Way Out of Adobe Reader's Sandbox Guillaume Lovet , Zhenhua Liu "Adobe's interpretation of sandboxing is called Adobe Reader X Protected Mode. Inspired by Microsoft's Practical ...
Secure in 2010? Broken in 2011! Matias Madou In 2010, a security research firm stumbled on a couple of vulnerabilities in Apache OFBiz, ... Security
The Pwnage Saga Continues Nikhil Mittal "When Kautilya was being written, only one thing was thought of: utter pwnage. Operating Systems ... Security
Cyber-Attacks & SAP systems: Is Our Business-Critical Infrastructure Exposed? Mariano Croce Global Fortune 1000 companies, large governmental organizations and defense entities have something in common: they ... Security
Preventing "Oh Shit!" Moments for 20 Euros or Less Philip Polstra This presentation will discuss the use of microcontrollers in computer security and forensics. In particular, ... Security
Issues with Embedded Device Disclosures: Helping the Vendors and Recognizing the End-Users Jerome Radcliffe Computer security research often focuses on the disclosure of vulnerabilities in traditional computing devices, such ... Security
36 Views of Cyberspace Damir Rajnovic The word "cyberspace" is today used in many contexts but it is not always clear ... Security
All Your Calls Are Still Belong to Us: How We Compromised the Cisco VoIP Crypto Ecosystem Enno Rey , Daniel Mende Modern "Enterprise" VoIP solutions are complex beasts. They usually encompass application servers (e.g. for mailboxes ...
The IETF & The Future of Security Protocols: All The Signal, None of the Noise Tom Ritter "The IETF meets in person three times a year and publishes dozens of standards - ... Security
Smartphone's Apps Are Not That Smart: Insecure Development Practices Simon Roses Femerling Mobile Apps is a growing business with thousands of applications to choose from across the ... Security
Entrapment: Tricking Malware with Transparent, Scalable Malware Analysis Paul Royal "The detection of malware analysis environments has become popular and commoditized. Detection techniques previously reserved ... Security
IVR Security- Internal Network Attack via Phone Lines Rahul Sasi The following research is on IVR (Interactive Voice Response) systems which are currently used in ... Security
Dissecting Smart Meters Justin Searle "The Smart Grid brings greater benefits for electric utilities and customer alike, however these benefits ... Security
HTML5 Top 10 Threats: Stealth Attacks and Silent Exploits Shreeraj Shah "HTML5 is an emerging stack for next generation applications. HTML5 is enhancing browser capabilities and ... Security
Hacking XPATH 2.0 Sumit "sid" Siddharth , Tom Forbes The presentation will discuss the vulnerability XPATH Injection in depth and we will cover advanced ...
Lotus Domino: Penetration Through the Controller Alexey Sintsov In the talk an overview of some ways to break Lotus through the Domino Controller ... Security
Malicious PDF Analysis Didier Stevens This workshop will teach you the fundamentals you need to know to analyze (malicious) PDF ... Security
They Ought to Know Better: Exploiting Security Gateways via Their Web Interfaces Ben Williams After a thorough examination of a number of common Security Gateway products over the past ... Security
Data Mining a Mountain of Zero Day Vulnerabilities Chris Wysopal Every day, software developers around the world, from Bangalore to Silicon Valley, churn out millions ... Security
The Kelihos Botnet Kyle Yang Kelihos is still alive, building its p2p infrastructure and sending spam. It quickly evolves after ... Security
Workshop: Understanding Botnets By Building One Ken Baylor Financial botnets are a major threat to the global Financial Infrastructure. Other botnets threaten our ... Security
Workshop: Mobile Network Forensics Eric Fulton "Intentionally or not, your phone leaks data to the world. What can you-- or your ... Security
Workshop: Teensy Programming for Everyone Nikhil Mittal Breaking into systems is getting harder by day using traditional methods. As a penetration tester ... Security