BlackhatAsia 2014 March 25, 2014 to March 28, 2014, Marina Bay Sands,Singapore

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
LET'S FIX THE MESS Dr. Steve Crocker Forty-five years ago the Arpanet came into existence, connecting computers with permanent, leased lines. Within ...
ABUSING THE INTERNET OF THINGS: BLACKOUTS, FREAKOUTS, AND STAKEOUTS Nitesh Dhanjani Homes and offices inspired by concept of Internet of Things (IoT) are here and so ...
ADVANCED JPEG STEGANOGRAPHY AND DETECTION John Ortiz We will dive deep into the JPEG algorithm and then explore numerous published hiding techniques, ...
AIS EXPOSED. UNDERSTANDING VULNERABILITIES AND ATTACKS 2.0 Marco ‘embyte’ Balduzzi Automatic Identification System (AIS) is a promoted standard and implementation for vessels traffic safety and ...
BEYOND 'CHECK THE BOX': POWERING INTRUSION INVESTIGATIONS Jim Aldridge Many organizations have implemented robust security tool suites and “checked the box” on security logging ...
BUILDING TROJAN HARDWARE AT HOME Jp Dunning How much do you trust the hardware shipped to your office or purchased at the ... IncludeThinkstScapes
COMPREHENSIVE VIRTUAL APPLIANCE DETECTION Kang Li , Xiaoning Li Our talk is about how to detect virtual appliance environments with script and binary. The ...
DISASTERS IN THE MAKING: HOW I TORTURE OPEN GOVERNMENT DATA SYSTEMS FOR FUN, PROFIT, AND TIME TRAVEL Tom Keenan "I'm from the government and I'm here to help you" takes on a sinister new ...
DISCOVERING DEBUG INTERFACES WITH THE JTAGULATOR Joe ( Kingpin ) Grand On-chip debug interfaces can provide chip-level control of a hardware device and are a primary ...
DIVING INTO IE 10'S ENHANCED PROTECTED MODE SANDBOX Mark Vincent Yason With the release of Internet Explorer 10 in Windows 8, an improved version of IE's ...
DUDE, WTF IN MY CAN! Alberto garcia Illera , Javier Vazquez Vidal In our previous presentation, we learned how did the security in some car ECUs work, ...
I KNOW YOU WANT ME - UNPLUGGING PLUGX Takahiro Haruyama , Hiroshi Suzuki PlugX is one of the most notorious RAT used for targeted attacks and the author ...
THE INNER WORKINGS OF MOBILE CROSS-PLATFORM TECHNOLOGIES Simon Roses Femerling New Apps are being published every week, dreaming to become the new hot App, where ...
JS SUICIDE: USING JAVASCRIPT SECURITY FEATURES TO KILL JS SECURITY Ahamed Nafeez JavaScript today has a presence in almost every single website across the Internet. Aggressive research ...
THE MACHINES THAT BETRAYED THEIR MASTERS Glenn Wilkinson The devices we carry betray us to those who want to invade our privacy by ...
OFFENSIVE: EXPLOITING DNS SERVERS CHANGES Leonardo Nve In a context of offensive security research, I identified that there are many vulnerabilities that ...
OWNING A BUILDING: EXPLOITING ACCESS CONTROL AND FACILITY MANAGEMENT SYSTEMS Billy Rios Modern facilities (such as corporate headquarters) are marvels of engineering. These buildings employ numerous embedded ... IncludeThinkstScapes
PDF ATTACK: A JOURNEY FROM THE EXPLOIT KIT TO THE SHELLCODE Jose Miguel Esparza "PDF Attack: A Journey From the Exploit Kit to the Shellcode" is a workshop to ...
PERSIST IT: USING AND ABUSING MICROSOFT'S FIX IT PATCHES Jon Erickson Microsoft has often used Fix It patches, which are a subset of Application Compatibility Fixes, ...
PRIVACY-BY-DESIGN FOR THE SECURITY PRACTITIONER Richard Chow Privacy-by-Design (PbD) has become the de facto standard, regulatory-approved approach towards addressing privacy concerns with ...
SAP, CREDIT CARDS, AND THE BIRD THAT KNOWS TOO MUCH Ertunga Arsal SAP applications build the business backbone of the largest organizations in the world. In this ...
SAY IT AIN'T SO - AN IMPLEMENTATION OF DENIABLE ENCRYPTION Ari Trachtenberg We are interested in the ability to lie convincingly about the contents of an encrypted ...
SCAN ALL THE THINGS - PROJECT SONAR Mark Schloesser Over the past year, the Rapid7 Labs team has conducted large-scale analysis on the data ... IncludeThinkstScapes
SOLUTUM CUMULUS MEDIOCRIS Eldar Marcussen Hosted payment gateways may offer an instant PCI compliance option for enterprises of any size. ...
TOMORROW'S NEWS IS TODAY'S INTEL: JOURNALISTS AS TARGETS AND COMPROMISE VECTORS Morgan Marquis-boire , Shane Huntley In today's threat landscape, targeted intrusion by government actors is something faced not only by ...
UI REDRESSING ATTACKS ON ANDROID DEVICES REVISITED Marcus Niemietz In this presentation, we describe high-impact user interface attacks on Android-based mobile devices, additionally focusing ...
ULTIMATE DOM BASED XSS DETECTION SCANNER ON CLOUD Nera Liu , Albert Yu As more and more rich interactive web applications are based on the HTML5's new capabilities ...
USB ATTACKS NEED PHYSICAL ACCESS RIGHT? NOT ANY MORE... Andy Davis For a number of years I have been interested in USB host security, which can ... IncludeThinkstScapes
YOU CAN'T SEE ME: A MAC OS X ROOTKIT USES THE TRICKS YOU HAVEN'T KNOWN YET Sung-ting Tsai , Ming-chieh Pan Attacking Mac OS X has become a trend as we see more and more malware ...