Hello everyone,
Black Hat USA 2016 has wrapped up, and with it comes an endless supply of security research
to liven up the hot August afternoons after work.
Enjoy:
A Journey from JNDI/LDAP Manipulation to Remote Code Execution Dream Land
Breaking Hardware-Enforced Security with Hypervisors
Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX
badWPAD
Beyond the MCSE: Active Directory for the Security Professional
A Lightbulb Worm?
Abusing Bleeding Edge Web Standards for AppSec Glory
Access Keys Will Kill You Before You Kill the Password
Account Jumping Post Infection Persistency & Lateral Movement in AWS
AirBnBeware: Short Term Rentals Long Term Pwnage
AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It
An AI Approach to Malware Similarity Analysis: Mapping the Malware Genome With a Deep Neural Network
Analysis of the Attack Surface of Windows 10 Virtualization-Based Security
Applied Machine Learning for Data Exfil and Other Fun Topics
Attacking SDN Infrastructure: Are We Ready for the Next-Gen Networking?
$hell on Earth: From Browser to System Compromise
1000 Ways to Die in Mobile OAuth
Adaptive Kernel Live Patching: An Open Collaborative Effort to Ameliorate Android N-Day Root Exploits
AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion
Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions
Blunting the Phisher’s Spear: A Risk-Based Approach for Defining User Training and Awarding Administrative Privileges
Breaking FIDO: Are Exploits in There?
Breaking Payment Points of Interaction (POI)
Brute-Forcing Lockdown Harddrive PIN Codes
Building Trust & Enabling Innovation for Voice Enabled IoT
Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud
Can You Trust Me Now? An Exploration into the Mobile Threat Landscape
CANSPY: A Platform for Auditing CAN Devices
Captain Hook: Pirating AVs to Bypass Exploit Mitigations
Capturing 0day Exploits with PERFectly Placed Hardware Traps
Certificate Bypass: Hiding and Executing Malware from a Digitally Signed Executable
Crippling HTTPS with Unholy PAC
Cunning with CNG: Soliciting Secrets from Schannel
Cyber War in Perspective: Analysis from the Crisis in Ukraine
Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization
Dark Side of the DNS Force
Defense at Hyperscale: Technologies and Policies for a Defensible Cyberspace
Demystifying the Secure Enclave Processor
Discovering and Exploiting Novel Security Vulnerabilities in Apple ZeroConf
Does Dropping USB Drives in Parking Lots and Other Places Really Work?
Drone Attacks on Industrial Wireless: A New Front in Cyber Security
Dungeons Dragons and Security
Exploiting Curiosity and Context: How to Make People Click on a Dangerous Link Despite Their Security Awareness
GATTacking Bluetooth Smart Devices – Introducing a New BLE Proxy Tool
Hackproofing Oracle eBusiness Suite
Hardening AWS Environments and Automating Incident Response for AWS Compromises
HEIST: HTTP Encrypted Information can be Stolen Through TCP-Windows
Horse Pill: A New Type of Linux Rootkit
HTTP Cookie Hijacking in the Wild: Security and Privacy Implications
HTTP/2 & QUIC – Teaching Good Protocols To Do Bad Things
I Came to Drop Bombs: Auditing the Compression Algorithm Weapon Cache
Into The Core – In-Depth Exploration of Windows 10 IoT Core
Intra-Process Memory Protection for Applications on ARM and x86: Leveraging the ELF ABI
Iran’s Soft-War for Internet Dominance
Language Properties of Phone Scammers: Cyberdefense at the Level of the Human
Memory Forensics Using Virtual Machine Introspection for Cloud Computing
Next-Generation of Exploit Kit Detection by Building Simulated Obfuscators
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
O-checker: Detection of Malicious Documents Through Deviation from File Format Specifications
OSS Security Maturity: Time to Put On Your Big Boy Pants!
Pangu 9 Internals
PINdemonium: A DBI-Based Generic Unpacker for Windows Executable
PLC-Blaster: A Worm Living Solely in the PLC
Pwning Your Java Messaging with Deserialization Vulnerabilities
Recover a RSA Private Key from a TLS Session with Perfect Forward Secrecy
GreatFET: Making GoodFET Great Again
Hacking Next-Gen ATMs: From Capture to Cashout
Samsung Pay: Tokenized Numbers Flaws and Issues
Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools
Security Through Design – Making Security Better by Designing for People
SGX Secure Enclaves in Practice: Security and Crypto Review
Side-Channel Attacks on Everyday Applications
Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root
TCP Injection Attacks in the Wild – A Large Scale Study
The Art of Defense – How Vulnerabilities Help Shape Security Features and Mitigations in Android
The Art of Reverse Engineering Flash Exploits
The Beast Within – Evading Dynamic Malware Analysis Using Microsoft COM
The Remote Malicious Butler Did It!
The Risk from Power Lines: How to Sniff the G3 and Prime Data and Detect the Interfere Attack
When Governments Attack: State Sponsored Malware Attacks Against Activists Lawyers and Journalists
The Tao of Hardware the Te of Implants
The Year in Flash
Timing Attacks Have Never Been So Practical: Advanced Cross-Site Search Attacks
Using an Expanded Cyber Kill Chain Model to Increase Attack Resiliency
Using EMET to Disable EMET
Using Undocumented CPU Behavior to See into Kernel Mode and Break KASLR in the Process
Viral Video – Exploiting SSRF in Video Converters
VOIP WARS: The Phreakers Awaken
Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter
Windows 10 Segment Heap Internals
Xenpwn: Breaking Paravirtualized Devices
Web Application Firewalls: Analysis of Detection Logic
What’s the DFIRence for ICS?
When the Cops Come A-Knocking: Handling Technical Assistance Demands from Law Enforcement
Windows 10 Mitigation Improvements
Be good.