Man-in-the-SCADA: Anatomy of Data Integrity Attacks in Industrial Control Systems
|
Marina Krotofil
,
Chris Sistrunk
,
Honeywell Industrial Cyber Security Lab
,
Mandiant
|
Phishing for Funds: Understanding Business Email Compromise
|
Keith Turpin
,
Universal Weather and Aviation
|
Never Let Your Guard Down: Finding Unguarded Gates to Bypass Control Flow Guard with Big Data
|
Ke Sun
,
Ya Ou
,
Fortune 500
|
Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox
|
Marco Grassi
,
Tencent Keen Security Lab
|
Delegate to the Top: Abusing Kerberos for Arbitrary Impersonations and RCE
|
Matan Hart
,
CyberArk
|
Go Get My/Vulnerabilities: An In-Depth Analysis of Go Language Runtime and the New Class of Vulnerabilities It Introduces
|
Roberto Clapis
,
Secure Network
|
Fried Apples: Jailbreak DIY
|
Max Bazaliy
,
Alex Hude
,
Vlad Putin
,
Lookout
,
BlackMagic Design
|
Hacking HTTP/2 - New Attacks on the Internet's Next Generation Foundation
|
Nadav Avital
,
Imperva
|
Betting Against the House: Security and Stability When the Odds are Against You
|
Neil Wyler
,
Bart Stump
,
RSA
,
Optiv Security
|
All Your Emails Belong to Us: Exploiting Vulnerable Email Clients via Domain Name Collision
|
Ilya Nesterov
,
Maxim Goncharov
,
Shape Security
|
The Power of Data-Oriented Attacks: Bypassing Memory Mitigation Using Data-Only Exploitation Techniques
|
Bing Sun
,
Chong Xu
,
Stanley Zhu
,
McAfee
,
Intel Security
|
The Seven Axioms of Security
|
Saumil Shah
,
Net Square
|
Dig Into the Attack Surface of PDF and Gain 100+ CVEs in 1 Year
|
Ke Liu
,
Tencent Security Xuanwu Lab
|
3G/4G Intranet Scanning and its Application on the WormHole Vulnerability
|
Guangdong Bai
,
Zhang Qing
,
Singapore Institute of Technology
|
Anti-Plugin: Don't Let Your App Play as an Android Plugin
|
Tongbo Luo
,
Cong Zheng
,
Zhi Xu
,
Xin Ouyang
,
Palo Alto Networks
|
Domo Arigato Mr. Roboto: Security Robots a la Unit-Testing
|
Seth Law
,
nVisium
|
The UEFI Firmware Rootkits: Myths and Reality
|
Alex Matrosov
,
Eugene Rodionov
,
Cylance
,
ESET
|
24 Techniques to Gather Threat Intel and Track Actors
|
Sun Huang
,
Wayne Huang
,
Proofpoint
|
Beyond the Blacklists: Detecting Malicious URL Through Machine Learning
|
Hao Dong
,
Chenghuai Lu
,
David Yu
,
Jin Shang
,
Hillstone Networks
|
Myth and Truth About Hypervisor-Based Kernel Protector: The Reason Why You Need Shadow-Box
|
Seunghun Han
,
Junghwan Kang
,
National Security Research Institute of South Korea
|
Cache Side Channel Attack: Exploitability and Countermeasures
|
Xiaofei Guo
,
Gorka Irazoqui
,
Cisco Tetration Analytics
,
Worcester Polytechnic Institute
|
Breaking Korea Transit Card with Side-Channel Attack - Unauthorized Recharging
|
Tae Won Kim
,
SNTWORKS, Korea University
|
The Irrelevance of K-Bytes Detection - Building a Robust Pipeline for Malicious Documents
|
Dan Amiga
,
Dor Knafo
,
Fireglass
|
MASHaBLE: Mobile Applications of Secret Handshakes Over Bluetooth LE
|
Yan Michalevsky
,
Stanford University
|
Hello From the Other Side: SSH Over Robust Cache Covert Channels in the Cloud
|
Michael Schwarz
,
Manuel Weber
,
Graz University of Technology
|
Cross the Wall - Bypass All Modern Mitigations of Microsoft Edge
|
Henry Li
,
Jack Tang
,
Trend Micro, Inc.
|
Exploiting USB/IP in Linux
|
Ignat Korchagin
,
Cloudflare
|
Hack Microsoft Using Microsoft Signed Binaries
|
Pierre-Alexandre Braeken
,
Deloitte
|
What Malware Authors Don't Want You to Know - Evasive Hollow Process Injection
|
Monnappa K A
,
Cisco Systems
|
Mobile-Telephony Threats in Asia
|
Marco Balduzzi
,
Payas Gupta
,
Lion Gu
,
Pindrop
,
Trend Micro, Inc.
|
Drop the ROP: Fine-Grained Control-Flow Integrity for the Linux Kernel
|
João Moreira
,
University of Campinas
|
Why We are Not Building a Defendable Internet
|
Halvar Flake
,
Google Inc.
|
Open Sourcing Automotive Diagnostics
|
Eric Evenchick
,
Linklayer Labs
|
Locknote: Conclusions and Key Takeaways from Black Hat Asia 2017
|
Jeff Moss
,
Saumil Shah
,
Halvar Flake
,
Christian Karam
,
U.S. Department of Homeland Security Advisory Council
,
Net Square
,
Google Inc.
|
Daily-Life Peeper: Bug Hunting and Exploit Techniques in IoT
|
Yuhao Song
,
Huiming Liu
,
KEEN
,
GeekPwn Lab
,
Tencent Security Xuanwu Lab
|