Firmware.RE: Firmware Unpacking, Analysis and Vulnerability-Discovery as a Service
|
Andrei Costin
,
Jonas Zaddach
,
Aurelien Francillon
,
Davide Balzarotti
,
EURECOM
|
C++11 Metaprogramming Applied to Software Obfuscation
|
Sebastien Andrivet
|
Counterfeiting the Pipes with FakeNet 2.0
|
Michael Sikorski
,
Andrew Honig
,
Mandiant, a division of FireEye, Inc.
,
Google Inc.
|
Don't Trust Your USB! How to Find Bugs in USB Device Drivers
|
Sergej Schumilo
,
Ralf Spenneberg
,
Hendrik Schwartke
,
OpenSource Security Ralf Spenneberg
|
Blended Web and Database Attacks on Real-Time, In-Memory Platforms
|
Juan Perez-Etchegoyen
,
Willis Vandevanter
,
Onapsis, Inc.
|
Exploring Yosemite: Abusing Mac OS X 10.10
|
Sung-ting Tsai
,
Ming-chieh Pan
,
Team T5
|
Revisiting XSS Sanitization
|
Ashar Javed
,
Ruhr University Bochum, Germany
|
Hacking the Wireless World with Software Defined Radio - 2.0
|
Balint Seeber
|
Side Channel Attacks - Past, Present, and Future
|
Adi Shamir
,
Weizmann Institute of Science
|
Hack Your ATM with Friend's Raspberry.Py
|
Alexey Osipov
,
Olga Kochetova
|
ret2dir: Deconstructing Kernel Isolation
|
Vasileios Kemerlis
,
Columbia University
|
Attacking the Linux PRNG on Android: Weaknesses in Seeding of Entropic Pools and Low Boot-Time Entropy
|
Sagi Kedmi
,
IBM Security Systems
|
Industrial Control Systems : Pentesting PLCs 101
|
Arnaud Soullie
,
Solucom
|
Cellular Exploitation on a Global Scale: The Rise and Fall of the Control Protocol
|
Mathew Solnik
,
Accuvant Labs
|
Freeze Drying for Capturing Environment-Sensitive Malware Alive
|
Yosuke Chubachi
,
FFRI, Inc.
|
Android Kernel and OS Security Assessment with Iron Crow
|
Akhil Arora
,
Sumanth Naropanth
,
Xerox Research Center India
,
Intel Corporation
|
Man in the Binder: He Who Controls IPC, Controls the Droid
|
Nitay Artenstein
,
Idan Revivo
,
Check Point
|
The Power of Pair: One Template that Reveals 100+ UAF IE Vulnerabilities
|
Bo Qu
,
ChienHua Lu
,
Palo Alto Networks
|
Bringing a Machete to the Amazon
|
Erik Peterson
,
Veracode
|
Hide Android Applications in Images
|
Axelle Apvrille
,
Ange Albertini
,
Fortinet, Inc.
|
SSL Validation Checking vs. Go(ing) to Fail
|
Thomas Brandstetter
,
Limes Security
|
PDF Attack: A Journey from the Exploit Kit to the Shellcode
|
Jose Miguel Esparza
,
Fox-IT
|
Lights Off! The Darkness of the Smart Meters
|
Alberto Garcia Illera
,
Javier Vazquez Vidal
,
Honey Badger
|
A Practical Attack Against VDI Solutions
|
Dan Koretsky
,
Lacoon Mobile Security
|
Reflected File Download - A New Web Attack Vector
|
Oren Hafif
,
Trustwave
|
Endrun - Secure Digital Communications for Our Modern Dystopia
|
Grant Dobbe
,
NuCivic, Inc.
|
Gyrophone: Eavesdropping Using a Gyroscope
|
Gabi Nakibly
,
Yan Michalevsky
,
Rafael and the Technion
,
Stanford University
|
APTs Way: Evading Your EBNIDS
|
Ali Abbasi
,
Jos Wetzels
,
University of Twente, Distributed and Embedded System Security Group
,
University of Twente
|
Roundtable: Defense Post-Snowden
|
Jeff Moss
,
U.S. Department of Homeland Security Advisory Council
|
Session Identifier are for Now, Passwords are Forever - XSS-Based Abuse of Browser Password Managers
|
Martin Johns
,
Ben Stock
,
Sebastian Lekies
,
SAP AG
,
University Erlangen-Nuremberg
|
Quantum Key Distribution and the Future of Encryption
|
Konstantinos Karagiannis
,
BT
|
Hadoop Security: Seven Ways to Kill an Elephant
|
Davi Ottenheimer
,
EMC
|
Lessons Learned from Eight Years of Breaking Hypervisors
|
Rafal Wojtczuk
,
Bromium
|
Quantified Self - A Path to Self-Enlightenment or Just a Security Nightmare?
|
Candid Wueest
,
Symantec
|
Analyzing UEFI BIOSes from Attacker & Defender Viewpoints
|
Xeno Kovah
,
John Butterworth
,
Corey Kallenberg
,
Samuel Cornwell
,
The MITRE Corporation
|
Abusing Software Defined Networks
|
Gregory Pickett
,
Hellfire Security
|
Evasion of High-End IDPS Devices at the IPv6 Era
|
Antonios Atlasis
,
Enno Rey
,
Rafael Schaefer
,
secfu.net
,
ERNW GmbH
|
WebKit Everywhere: Secure or Not?
|
Liang Chen
,
KeenTeam
|
Bypassing HTTP Strict Transport Security
|
Jose Selvi
,
INCIDE
|
Charge Your Device with the Latest Malware
|
Andre Pereira
,
INESC CRACS
|
Next Level Cheating and Leveling Up Mitigations
|
Joel St. John
,
Nicolas Guigo
,
iSEC Partners
|
A Journey to Protect Points-of-Sale *CANCELED* (speaker unable to attend)
|
Nir Valtman
,
NCR
|
Scala Security: Examining the Play and LiftWeb Frameworks
|
Erik Cabetas
,
Paolo Soto
,
Include Security
|
DTM Components: Shadow Keys to the ICS Kingdom
|
Alexander Bolshev
,
Gleb Cherbov
,
Digital Security
|
Network Attached Shell: N.A.S.ty Systems that Store Network Accessible Shells
|
Jacob Holcomb
,
Independent Security Evaluators
|
Two Factor Failure
|
Ryan Lackey
,
CloudFlare, Inc.
|
Same Origin Method Execution (SOME) - Exploiting a Callback for Same Origin Policy Bypass
|
Ben Hayak
,
Trustwave
|