Wednesday, June 06, 2018

Blackhat Talks to look forward to

The schedule for Blackhat 18 talks has been released here: https://www.blackhat.com/us-18/briefings.html

Looking forward to the following:

A Dive in to Hyper-V Architecture & Vulnerabilities (Could be useful, VMs are everywhere)
AI & ML in Cyber Security - Why Algorithms are Dangerous
An Attacker Looks at Docker: Approaching Multi-Container Applications
Applied Self-Driving Car Security (the original car hackers strike back)
Are You Trading Stocks Securely? Exposing Security Flaws in Trading Technologies
Automated Discovery of Deserialization Gadget Chains (making deserialization vulnerability exploitation easier? yes please)
Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths (I like sci-fi)
Breaking the IIoT: Hacking industrial Control Gateways
Catch me Yes we can! – Pwning Social Engineers using Natural Language Processing Techniques in Real-Time
Deep Neural Networks for Hackers: Methods Applications and Open Source Tools
Don't @ Me: Hunting Twitter Bots at Scale
Edge Side Include Injection: Abusing Caching Servers into SSRF and Transparent Session Hijacking
Exposing the Bait: A Qualitative Look at the Impact of Autonomous Peer Communication to Enhance Organizational Phishing Detection
For the Love of Money: Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems
From Bot to Robot: How Abilities and Law Change with Physicality
From Workstation to Domain Admin: Why Secure Administration isn't Secure and How to Fix it
Identity Theft: Attacks on SSO Systems
Is the Mafia Taking Over Cybercrime? (tie into the recently-released Web of Profit study)
Last Call for SATCOM Security (see this article for a preview)
Meltdown: Basics Details Consequences
Open Sesame: Picking Locks with Cortana
Outsmarting the Smart City
Over-the-Air: How we Remotely Compromised the Gateway BCM and Autopilot ECUs of Tesla Cars
Practical Web Cache Poisoning: Redefining 'Unexploitable' (from Burp Suite extraordinaire himself)
Screaming Channels: Extracting Bluetooth and WiFi Keys from Radio Noise
SirenJack: Cracking a 'Secure' Emergency Warning Siren System
So I became a Domain Controller (from authors of mimikatz)
The Air-Gap Jumpers
The Science of Hiring and Retaining Female Cybersecurity Engineers
The Unbearable Lightness of BMC's
The Windows Notification Facility: Peeling the Onion of the Most Undocumented Kernel Attack Surface Yet
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of Industrial Control Systems Forever (I read the PDF but having it explained would be great)

 

No comments: