As you know, the BlackHat USA conference is one of the most important security events of the year. A jam-packed agenda, with talks even running simultaneously, challenges, round tables, controversies, fascinating topics, etc.
I'm sure some year I'll have the necessary determination (and will have managed to save enough) to fly to Las Vegas on those dates, but until then, I can keep enjoying its presentations and whitepapers :):
keynotes
briefings
- 48 Dirty Little Secrets Cryptographers Don't Want You To Know
- 802.1x and Beyond!
- A Journey to Protect Points-of-Sale
- A Practical Attack Against VDI Solutions
- A Scalable, Ensemble Approach for Building and Visualizing Deep Code-Sharing Networks Over Millions of Malicious Binaries
- A Survey of Remote Automotive Attack Surfaces
- Abuse of CPE Devices and Recommended Fixes
- Abusing Microsoft Kerberos: Sorry You Guys Don't Get It
- Abusing Performance Optimization Weaknesses to Bypass ASLR
- Android FakeID Vulnerability Walkthrough
- APT Attribution and DNS Profiling
- Attacking Mobile Broadband Modems Like a Criminal Would
- Babar-ians at the Gate: Data Protection at Massive Scale
- Badger - The Networked Security State Estimation Toolkit
- BadUSB - On Accessories that Turn Evil
- Bitcoin Transaction Malleability Theory in Practice
- Breaking the Security of Physical Devices
- Bringing Software Defined Radio to the Penetration Testing Community
- Building Safe Systems at Scale - Lessons from Six Months at Yahoo
- Call To Arms: A Tale of the Weaknesses of Current Client-Side XSS Filtering
- Capstone: Next Generation Disassembly Framework
- Catching Malware En Masse: DNS and IP Style
- Cellular Exploitation on a Global Scale: The Rise and Fall of the Control Protocol
- CloudBots: Harvesting Crypto Coins Like a Botnet Farmer
- Computrace Backdoor Revisited
- Contemporary Automatic Program Analysis
- Creating a Spider Goat: Using Transactional Memory Support for Security
- Data-Only Pwning Microsoft Windows Kernel: Exploitation of Kernel Pool Overflows on Microsoft Windows 8.1
- Defeating the Transparency Feature of DBI
- Digging for IE11 Sandbox Escapes
- Dynamic Flash Instrumentation for Fun and Profit
- Epidemiology of Software Vulnerabilities: A Study of Attack Surface Spread
- Evasion of High-End IPS Devices in the Age of IPv6
- Exploiting Unpatched iOS Vulnerabilities for Fun and Profit
- Exposing Bootkits with BIOS Emulation
- Extreme Privilege Escalation on Windows 8/UEFI Systems
- Finding and Exploiting Access Control Vulnerabilities in Graphical User Interfaces
- Fingerprinting Web Application Platforms by Variations in PNG Implementations
- From Attacks to Action - Building a Usable Threat Model to Drive Defensive Choices
- Full System Emulation: Achieving Successful Automated Dynamic Analysis of Evasive Malware
- Governments As Malware Authors: The Next Generation
- GRR: Find All the Badness, Collect All the Things
- Hacking the Wireless World with Software Defined Radio - 2.0
- How Smartcard Payment Systems Fail
- How to Leak a 100-Million-Node Social Graph in Just One Week? - A Reflection on Oauth and API Design in Online Social Networks
- How to Wear Your Password
- I Know Your Filtering Policy Better than You Do: External Enumeration and Exploitation of Email and Web Security Solutions
- ICSCorsair: How I Will PWN Your ERP Through 4-20 mA Current Loop
- Internet Scanning - Current State and Lessons Learned
- Investigating PowerShell Attacks
- It Just (Net)works: The Truth About iOS 7's Multipeer Connectivity Framework
- Learn How to Control Every Room at a Luxury Hotel Remotely: The Dangers of Insecure Home Automation Deployment
- Leviathan: Command and Control Communications on Planet Earth
- Lifecycle of a Phone Fraudster: Exposing Fraud Activity from Reconnaissance to Takeover Using Graph Analysis and Acoustical Anomalies
- Miniaturization
- Mission mPOSsible
- Mobile Device Mismanagement
- MoRE Shadow Walker: The Progression of TLB-Splitting on x86
- Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols
- My Google Glass Sees Your Passwords!
- Network Attached Shell: N.A.S.ty Systems that Store Network Accessible Shells
- "Nobody is Listening to Your Phone Calls." Really? A Debate and Discussion on the NSA's Activities
- One Packer to Rule Them All: Empirical Identification, Comparison, and Circumvention of Current Antivirus Detection Techniques
- OpenStack Cloud at Yahoo Scale: How to Avoid Disaster
- Oracle Data Redaction is Broken
- Pivoting in Amazon Clouds
- Poacher Turned Gamekeeper: Lessons Learned from Eight Years of Breaking Hypervisors
- Point of Sale System Architecture and Security
- Prevalent Characteristics in Modern Malware
- Probabilistic Spying on Encrypted Tunnels
- Protecting Data In-Use from Firmware and Physical Attacks
- Pulling Back the Curtain on Airport Security: Can a Weapon Get Past TSA?
- RAVAGE - Runtime Analysis of Vulnerabilities and Generation of Exploits
- Reflections on Trusting TrustZone
- Researching Android Device Security with the Help of a Droid Army
- Reverse Engineering Flash Memory for Fun and Benefit
- Reverse-Engineering the Supra iBox: Exploitation of a Hardened MSP430-Based Device
- SAP, Credit Cards, and the Bird that Talks Too Much
- SATCOM Terminals: Hacking by Air, Sea, and Land
- Saving Cyberspace
- SecSi Product Development: Techniques for Ensuring Secure Silicon Applied to Open-Source Verilog Projects
- Secure Because Math: A Deep-Dive on Machine Learning-Based Monitoring
- Sidewinder Targeted Attack Against Android in the Golden Age of Ad Libs
- Smart Nest Thermostat: A Smart Spy in Your Home
- Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications
- Stay Out of the Kitchen: A DLP Security Bake-Off
- SVG: Exploiting Browsers without Image Parsing Bugs
- The Beast is in Your Memory: Return-Oriented Programming Attacks Against Modern Control-Flow Integrity Protection Techniques
- The BEAST Wins Again: Why TLS Keeps Failing to Protect HTTP
- The Big Chill: Legal Landmines that Stifle Security Research and How to Disarm Them
- The Devil Does Not Exist - The Role of Deception in Cyber
- The Library of Sparta
- The New Page of Injections Book: Memcached Injections
- The New Scourge of Ransomware: A Study of CryptoLocker and Its Friends
- The State of Incident Response
- Thinking Outside the Sandbox - Violating Trust Boundaries in Uncommon Ways
- Threat Intelligence Library - A New Revolutionary Technology to Enhance the SOC Battle Rhythm!
- Time Trial: Racing Towards Practical Timing Attacks
- Understanding IMSI Privacy
- Understanding TOCTTOU in the Windows Kernel Font Scaler Engine
- Unveiling the Open Source Visualization Engine for Busy Hackers
- Unwrapping the Truth: Analysis of Mobile Application Wrapping Solutions
- VoIP Wars: Attack of the Cisco Phones
- What Goes Around Comes Back Around - Exploiting Fundamental Weaknesses in Botnet C&C Panels!
- When the Lights Go Out: Hacking Cisco EnergyWise
- Why Control System Cyber-Security Sucks...
- Why You Need to Detect More Than PtH
- Windows Kernel Graphics Driver Attack Surface
- Write Once, Pwn Anywhere