Black Hat Asia 2017

Star 0

Talks

Title	Humans
Man-in-the-SCADA: Anatomy of Data Integrity Attacks in Industrial Control Systems	Marina Krotofil , Chris Sistrunk , Honeywell Industrial Cyber Security Lab , Mandiant
Phishing for Funds: Understanding Business Email Compromise	Keith Turpin , Universal Weather and Aviation
Never Let Your Guard Down: Finding Unguarded Gates to Bypass Control Flow Guard with Big Data	Ke Sun , Ya Ou , Fortune 500
Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox	Marco Grassi , Tencent Keen Security Lab
Delegate to the Top: Abusing Kerberos for Arbitrary Impersonations and RCE	Matan Hart , CyberArk
Go Get My/Vulnerabilities: An In-Depth Analysis of Go Language Runtime and the New Class of Vulnerabilities It Introduces	Roberto Clapis , Secure Network
Fried Apples: Jailbreak DIY	Max Bazaliy , Alex Hude , Vlad Putin , Lookout , BlackMagic Design
Hacking HTTP/2 - New Attacks on the Internet's Next Generation Foundation	Nadav Avital , Imperva
Betting Against the House: Security and Stability When the Odds are Against You	Neil Wyler , Bart Stump , RSA , Optiv Security
All Your Emails Belong to Us: Exploiting Vulnerable Email Clients via Domain Name Collision	Ilya Nesterov , Maxim Goncharov , Shape Security
The Power of Data-Oriented Attacks: Bypassing Memory Mitigation Using Data-Only Exploitation Techniques	Bing Sun , Chong Xu , Stanley Zhu , McAfee , Intel Security
The Seven Axioms of Security	Saumil Shah , Net Square
Dig Into the Attack Surface of PDF and Gain 100+ CVEs in 1 Year	Ke Liu , Tencent Security Xuanwu Lab
3G/4G Intranet Scanning and its Application on the WormHole Vulnerability	Guangdong Bai , Zhang Qing , Singapore Institute of Technology
Anti-Plugin: Don't Let Your App Play as an Android Plugin	Tongbo Luo , Cong Zheng , Zhi Xu , Xin Ouyang , Palo Alto Networks
Domo Arigato Mr. Roboto: Security Robots a la Unit-Testing	Seth Law , nVisium
The UEFI Firmware Rootkits: Myths and Reality	Alex Matrosov , Eugene Rodionov , Cylance , ESET
24 Techniques to Gather Threat Intel and Track Actors	Sun Huang , Wayne Huang , Proofpoint
Beyond the Blacklists: Detecting Malicious URL Through Machine Learning	Hao Dong , Chenghuai Lu , David Yu , Jin Shang , Hillstone Networks
Myth and Truth About Hypervisor-Based Kernel Protector: The Reason Why You Need Shadow-Box	Seunghun Han , Junghwan Kang , National Security Research Institute of South Korea
Cache Side Channel Attack: Exploitability and Countermeasures	Xiaofei Guo , Gorka Irazoqui , Cisco Tetration Analytics , Worcester Polytechnic Institute
Breaking Korea Transit Card with Side-Channel Attack - Unauthorized Recharging	Tae Won Kim , SNTWORKS, Korea University
The Irrelevance of K-Bytes Detection - Building a Robust Pipeline for Malicious Documents	Dan Amiga , Dor Knafo , Fireglass
MASHaBLE: Mobile Applications of Secret Handshakes Over Bluetooth LE	Yan Michalevsky , Stanford University
Hello From the Other Side: SSH Over Robust Cache Covert Channels in the Cloud	Michael Schwarz , Manuel Weber , Graz University of Technology
Cross the Wall - Bypass All Modern Mitigations of Microsoft Edge	Henry Li , Jack Tang , Trend Micro, Inc.
Exploiting USB/IP in Linux	Ignat Korchagin , Cloudflare
Hack Microsoft Using Microsoft Signed Binaries	Pierre-Alexandre Braeken , Deloitte
What Malware Authors Don't Want You to Know - Evasive Hollow Process Injection	Monnappa K A , Cisco Systems
Mobile-Telephony Threats in Asia	Marco Balduzzi , Payas Gupta , Lion Gu , Pindrop , Trend Micro, Inc.
Drop the ROP: Fine-Grained Control-Flow Integrity for the Linux Kernel	João Moreira , University of Campinas
Why We are Not Building a Defendable Internet	Halvar Flake , Google Inc.
Open Sourcing Automotive Diagnostics	Eric Evenchick , Linklayer Labs
Locknote: Conclusions and Key Takeaways from Black Hat Asia 2017	Jeff Moss , Saumil Shah , Halvar Flake , Christian Karam , U.S. Department of Homeland Security Advisory Council , Net Square , Google Inc.
Daily-Life Peeper: Bug Hunting and Exploit Techniques in IoT	Yuhao Song , Huiming Liu , KEEN , GeekPwn Lab , Tencent Security Xuanwu Lab