BlackHat 2020 USA
All you ever wanted to know about the AMD Platform Security Processor and were afraid to emulate
Carrying our Insecurities with Us: the Risks of Implanted Medical Devices in Secure Spaces
An Invisible Insider Threat: The Risks of Implanted Medical Devices in Secure Spaces
CloudLeak: DNN Model Extractions from Commercial MLaaS Platforms
CloudLeak: DNN Model Extractions from Commercial MLaaS Platforms
Emulating Samsung’s Baseband for Security Testing
Hiding Process Memory via Anti-Forensic Techniques
HTTP Request Smuggling in 2020
Room for Escape: Scribbling Outside the Lines of Template Security
Room for Escape: Scribbling Outside the Lines of Template Security
An Unauthenticated Journey to Root : Pwning Your Company's Enterprise Software Servers
An Unauthenticated Journey to Root : Pwning Your Company’s Enterprise Software Servers
Decade of the RATs Custom Chinese Linux Rootkits for Everyone
Detecting Fake 4G Base Stations in Real Time
Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares
Industrial Protocol Gateways Under Analysis
Lost in Translation: When Industrial Protocol Translation Goes Wrong
Repurposing-Neural-Networks-To-Generate-Synthetic-Media-For-Information-Operations
Web cache entanglement Novel pathways to poisoning
Web Cache Entanglement: Novel Pathways to Poisoning
Demystifying Modern Windows Rootkits
Discovering Hidden Properties to Attack Node.js Ecosystem
iOS Kernel PAC, One Year Later
Policy-Implications-Of-Faulty-Risk-Models-And-How-To-Fix-Them
Reverse Engineering the Tesla Battery Management System to Increase Power Available
Reverse-Engineering-The-Tesla-Battery-Management-System-To-Increase-Power-Available-wp
Ruling StarCraft Game Spitefully -- Exploiting the Blind Spot of AIPowered Game Bots
Stopping Snake Oil With Smaller Healthcare Providers
Breaking Samsung's Root of Trust: Exploiting Samsung S10 S-Boot
Building a Vulnerability Disclosure Program That Works for Election Vendors and Hackers
FASTCash and INJX_PURE How Threat Actors Use Public Standards for Financial Fraud
FASTCash and Associated Intrusion Techniques
An Insiders Biopsy of Healthcare Application Security
NoJITsu: Locking Down JavaScript Engines
NOJITSU: Locking Down JavaScript Engines
OTRazor Static Code Analysis for Vulnerability Discovery in Industrial Automation Scripts
Rogue Automation Vulnerable and Malicious Code in Industrial Programming
Reversing the Root Identifying the Exploited Vulnerability in 0-days Used In-The-Wild
The Devil’s in the Dependency: Data-Driven Software Composition Analysis
Detecting Exploits with Novel Hardware Performance Counters and ML Magic
Hacking the Voter Lessons From a Decade of Russian Military Operations
IoT Skimmer: Energy Market Manipulation through HighWattage IoT Botnets
Needing the DoH The ongoing encryption and centralization of DNS
Stealthily Access Your Android Phones: Bypass the Bluetooth Authentication
Superman Powered by Kryptonite: Turn the Adversarial Attack into Your Defense Weapon
Superman Powered by Kryptonite: Turn the Adversarial Attack into Your Defense Weapon
Beyond Root Custom Firmware For Embedded Mobile Chipsets
Mind Games: Using Data to Solve for the Human Element
Operation Chimera - APT Operation Targets Semiconductor Vendors
Operation-Chimera-APT-Operation-Targets-Semiconductor-Vendors-wp
TiYunZong: An Exploit Chain to Remotely Root Modern Android Devices
TiYunZong: An Exploit Chain to Remotely Root Modern Android Devices
Virtually Private Networks Virtually good enough
You Have No Idea Who Sent That Email: 18 Attacks on Email Sender Authentication
Composition Kills: A Case Study of Email Sender Authentication
Hacking the Voter Lessons From a Decade of Russian Military Operations
Breaking VSM by Attacking Secure Kernel Hardening Secure Kernel through Offensive Research
Escaping Virtualized Containers
EtherOops-Exploring-Practical-Methods-To-Exploit-Ethernet-Packet-In-Packet-Attacks
Bypassing Firewalls and NATs By Exploiting Packet-in-Packet Attacks in Ethernet
Fooling Windows through Superfetch
Lamphone Real-Time Passive Sound Recovery Using Light Emitted from a Hanging Bulb
Security Research on Mercedes-Benz: From Hardware to Car Control
Security-Research-On-Mercedes-Benz-From-Hardware-To-Car-Control-wp
Printing is still the Stairway to Heaven
The Legacy Print Spooler: A story about vulnerabilities from the previous millennium until today
SafeMind A Framework for Evaluating and Patching the Human Factor in Cybersecurity
BUILDING CYBER SECURITY STRATEGIES FOR EMERGING INDUSTRIES IN SUB-SAHARAN AFRICA
Detecting Access Token Manipulation
I calc’dCalc -ExploitingExcel Online
Vulnerability Report Insecure Features of PDF Documents
Spectra Breaking Separation Between Wireless Chips
About Directed Fuzzing and Use-After-Free: How to Find Complex & Silent Bugs?
Edtech:The Ultimate APT Privacy And Security Issues In Common Education Platforms
Edtech: The Ultimate Apt Michelle Wolfe
Heroku Abuse Operations: Hunting Wolves in Sheeps Clothing
Hunting Invisible Salamanders: Cryptographic (in)Security with Attacker-Controlled Keys
KrØØk: Serious Vulnerability Affected Encryption of Billion+ Wi-Fi Devices
KR00K - CVE-2019-15126 SERIOUS VULNERABILITY DEEP INSIDE YOUR WI-FI ENCRYPTION
When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security
Breaking Thunderbolt Protocol Security: Vulnerability Report
Black-box Laser Fault Injection on a Secure Memory
Dive into Apple IO80211FamilyV2
Exploiting Kernel Races Through Taming Thread Interleaving
Improving-Mental-Models-Of-End-To-End-Encrypted-Communications
My Cloud is APTs Cloud: Attacking and Defending O365
Remote Timing Attacks on TPMs, AKA TPM-Fail
TPM-FAIL: TPM meets Timing and Lattice Attacks
Routopsy Modern Routing Protocol Vulnerability Analysis and Exploitation