Optimistic Dissatisfaction with the Status Quo: Steps We Must Take to Improve Security in Complex Landscapes

Holding on for Tonight: Addiction in InfoSec

Dissecting Non-Malicious Artifacts: One IP at a Time

Edge Side Include Injection: Abusing Caching Servers into SSRF and Transparent Session Hijacking

Measuring the Speed of the Red Queen's Race; Adaption and Evasion in Malware

Exposing the Bait: A Qualitative Look at the Impact of Autonomous Peer Communication to Enhance Organizational Phishing Detection

Detecting Credential Compromise in AWS

Software Attacks on Hardware Wallets

Finding Xori: Malware Analysis Triage with Automated Disassembly

How I Learned to Stop Worrying and Love the SBOM

Stress and Hacking: Understanding Cognitive Stress in Tactical Cyber Ops

New Trends in Browser Exploitation: Attacking Client-Side JIT Compilers

KeenLab iOS Jailbreak Internals: Userland Read-Only Memory can be Dangerous

Miasm: Reverse Engineering Framework

From Bot to Robot: How Abilities and Law Change with Physicality

A Dive in to Hyper-V Architecture & Vulnerabilities

Deep Neural Networks for Hackers: Methods Applications and Open Source Tools

Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths

TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of Industrial Control Systems Forever

Legal Landmines: How Law and Policy are Rapidly Shaping Information Security

There will be Glitches: Extracting and Analyzing Automotive Firmware Efficiently

No Royal Road … Notes on Dangerous Game

Compression Oracle Attacks on VPN Networks

Reversing a Japanese Wireless SD Card - From Zero to Code Execution

Remotely Attacking System Firmware

Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers

Deep Dive into an ICS Firewall Looking for the Fire Hole

Too Soft\[ware Defined\] Networks: SD-WAN Vulnerability Assessment

Threat Modeling in 2018: Attacks Impacts and Other Updates

Mental Health Hacks: Fighting Burnout Depression and Suicide in the Hacker Community

Don't @ Me: Hunting Twitter Bots at Scale

WireGuard: Next Generation Secure Network Tunnel

Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology

Meltdown: Basics Details Consequences

From Workstation to Domain Admin: Why Secure Administration isn't Secure and How to Fix it

Every ROSE has its Thorn: The Dark Art of Remote Online Social Engineering

The Unbearable Lightness of BMC's

Open Sesame: Picking Locks with Cortana

LTE Network Automation Under Threat

Why so Spurious? How a Highly Error-Prone x86/x64 CPU Feature can be Abused to Achieve Local Privilege Escalation on Many Operating Systems

A Brief History of Mitigation: The Path to EL1 in iOS 11

Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!

Behind the Speculative Curtain: The True Story of Fighting Meltdown and Spectre

Breaking the IIoT: Hacking industrial Control Gateways

ZEROing Trust: Do Zero Trust Approaches Deliver Real Security?

Squeezing a Key through a Carry Bit

InfoSec Philosophies for the Corrupt Economy

A Tangled Curl: Attacks on the Curl-P Hash Function Leading to Signature Forgeries in the IOTA Signature Scheme

AFL's Blindspot and How to Resist AFL Fuzzing for Arbitrary ELF Binaries

I for One Welcome Our New Power Analysis Overlords

Back to the Future: A Radical Insecure Design of KVM on ARM

The Air-Gap Jumpers

Is the Mafia Taking Over Cybercrime?

Beating the Blockchain by Mapping Out Decentralized Namecoin and Emercoin Infrastructure

How can Communities Move Forward After Incidents of Sexual Harassment or Assault?