Talks

1

• 1000 Ways to Die in Mobile OAuth

A

• Abusing Bleeding Edge Web Standards for AppSec Glory

• Access Keys Will Kill You Before You Kill the Password

• Account Jumping Post Infection Persistency & Lateral Movement in AWS

• Adaptive Kernel Live Patching: An Open Collaborative Effort to Ameliorate Android N-Day Root Exploits

• Advanced CAN Injection Techniques for Vehicle Networks

• AirBnBeware: Short Term Rentals Long Term Pwnage

• A Journey from JNDI/LDAP Manipulation to Remote Code Execution Dream Land

• A Lightbulb Worm?

• AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It

• An AI Approach to Malware Similarity Analysis: Mapping the Malware Genome With a Deep Neural Network

• Analysis of the Attack Surface of Windows 10 Virtualization-Based Security

• An Inconvenient Trust: User Attitudes Toward Security and Usability Tradeoffs for Key-Directory Encryption Systems

• An Insider's Guide to Cyber-Insurance and Security Guarantees

• Applied Machine Learning for Data Exfil and Other Fun Topics

• A Retrospective on the Use of Export Cryptography

• Attacking SDN Infrastructure: Are We Ready for the Next-Gen Networking?

• Augmenting Static Analysis Using Pintool: Ablation

• AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion

B

• Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions

• BadTunnel: How Do I Get Big Brother Power?

• badWPAD

• Behind The Scenes of iOS Security

• Beyond the MCSE: Active Directory for the Security Professional

• Blunting the Phisher's Spear: A Risk-Based Approach for Defining User Training and Awarding Administrative Privileges

• Breaking FIDO: Are Exploits in There?

• Breaking Hardware-Enforced Security with Hypervisors

• Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX

• Breaking Payment Points of Interaction (POI)

• Brute-Forcing Lockdown Harddrive PIN Codes

• Building a Product Security Incident Response Team: Learnings from the Hivemind

• Building Trust & Enabling Innovation for Voice Enabled IoT

C

• Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud

• CANCELLED - How to Build the Immune System for the Internet

• CANSPY: A Platform for Auditing CAN Devices

• Can You Trust Me Now? An Exploration into the Mobile Threat Landscape

• Captain Hook: Pirating AVs to Bypass Exploit Mitigations

• Capturing 0day Exploits with PERFectly Placed Hardware Traps

• Certificate Bypass: Hiding and Executing Malware from a Digitally Signed Executable

• Crippling HTTPS with Unholy PAC

• Crumbling the Supercookie and Other Ways the FCC Protects Your Internet Traffic

• Cunning with CNG: Soliciting Secrets from Schannel

• Cyber War in Perspective: Analysis from the Crisis in Ukraine

D

• Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization

• Dark Side of the DNS Force

• Defense at Hyperscale: Technologies and Policies for a Defensible Cyberspace

• Demystifying the Secure Enclave Processor

• Design Approaches for Security Automation

• Discovering and Exploiting Novel Security Vulnerabilities in Apple ZeroConf

• Does Dropping USB Drives in Parking Lots and Other Places Really Work?

• DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes

• Drone Attacks on Industrial Wireless: A New Front in Cyber Security

• Dungeons Dragons and Security

E

• Exploiting Curiosity and Context: How to Make People Click on a Dangerous Link Despite Their Security Awareness

G

• GATTacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool

• GreatFET: Making GoodFET Great Again

H

• Hacking Next-Gen ATMs: From Capture to Cashout

• Hackproofing Oracle eBusiness Suite

• Hardening AWS Environments and Automating Incident Response for AWS Compromises

• HEIST: HTTP Encrypted Information can be Stolen Through TCP-Windows

$

• $hell on Earth: From Browser to System Compromise

H

• Horse Pill: A New Type of Linux Rootkit

• HTTP/2 & QUIC - Teaching Good Protocols To Do Bad Things

• HTTP Cookie Hijacking in the Wild: Security and Privacy Implications

I

• I Came to Drop Bombs: Auditing the Compression Algorithm Weapon Cache

• Into The Core - In-Depth Exploration of Windows 10 IoT Core

• Intra-Process Memory Protection for Applications on ARM and x86: Leveraging the ELF ABI

• Investigating DDOS - Architecture Actors and Attribution

• Iran's Soft-War for Internet Dominance

K

• Keystone Engine: Next Generation Assembler Framework

L

• Language Properties of Phone Scammers: Cyberdefense at the Level of the Human

M

• Measuring Adversary Costs to Exploit Commercial Software: The Government- Bootstrapped Non-Profit C.I.T.L.

• Memory Forensics Using Virtual Machine Introspection for Cloud Computing

N

• Next-Generation of Exploit Kit Detection by Building Simulated Obfuscators

• Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS

O

• O-checker: Detection of Malicious Documents Through Deviation from File Format Specifications

• OSS Security Maturity: Time to Put On Your Big Boy Pants!

• Ouroboros: Tearing Xen Hypervisor with the Snake

• Over the Edge: Silently Owning Windows 10's Secure Browser

P

• Pangu 9 Internals

• Pay No Attention to That Hacker Behind the Curtain: A Look Inside the Black Hat Network

• PINdemonium: A DBI-Based Generic Unpacker for Windows Executable

• PLC-Blaster: A Worm Living Solely in the PLC

• Pwning Your Java Messaging with Deserialization Vulnerabilities

R

• Recover a RSA Private Key from a TLS Session with Perfect Forward Secrecy

S

• Samsung Pay: Tokenized Numbers Flaws and Issues

• Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools

• Security Through Design - Making Security Better by Designing for People

• SGX Secure Enclaves in Practice: Security and Crypto Review

• Side-Channel Attacks on Everyday Applications

• Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root

T

• TCP Injection Attacks in the Wild - A Large Scale Study

• The Art of Defense - How Vulnerabilities Help Shape Security Features and Mitigations in Android

• The Art of Reverse Engineering Flash Exploits

• The Beast Within - Evading Dynamic Malware Analysis Using Microsoft COM

• The Hidden Architecture of our Time: Why This Internet Worked How We Could Lose It and the Role Hackers Play

• The Linux Kernel Hidden Inside Windows 10

• The Remote Malicious Butler Did It!

• The Risk from Power Lines: How to Sniff the G3 and Prime Data and Detect the Interfere Attack

• The Tao of Hardware the Te of Implants

• The Year in Flash

• Timing Attacks Have Never Been So Practical: Advanced Cross-Site Search Attacks

• Towards a Holistic Approach in Building Intelligence to Fight Crimeware

U

• Understanding HL7 2.x Standards Pen Testing and Defending HL7 2.x Messages

• Unleash the Infection Monkey: A Modern Alternative to Pen-Tests

• Using an Expanded Cyber Kill Chain Model to Increase Attack Resiliency

• Using EMET to Disable EMET

• Using Undocumented CPU Behavior to See into Kernel Mode and Break KASLR in the Process

V

• Viral Video - Exploiting SSRF in Video Converters

• VOIP WARS: The Phreakers Awaken

W

• Watching Commodity Malware Get Sold to a Targeted Actor

• Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter

• Web Application Firewalls: Analysis of Detection Logic

• What's the DFIRence for ICS?

• When Governments Attack: State Sponsored Malware Attacks Against Activists Lawyers and Journalists

• When the Cops Come A-Knocking: Handling Technical Assistance Demands from Law Enforcement

• Windows 10 Mitigation Improvements

• Windows 10 Segment Heap Internals

X

• Xenpwn: Breaking Paravirtualized Devices