BLACK HAT 2025 ASIE
Thursday | 8:00am
Morning Break
Track
:
Location
: Orchid Main Ballroom
Thursday | 9:00am
Keynote: Cyber Threats in the Age of AI
Speaker:
Edward Chen
Track
: Keynote
Format
: 60-Minute Keynote
Location
: Roselle Junior Ballroom 4611/4711
Thursday | 10:20am
DriveThru Car Hacking: Fast Food, Faster Data Breach
Speaker:
Alina Tan
,
Speaker:
George Chen
,
Contributor:
Chee Peng Tan
,
Contributor:
Ri-Sheng Tan
,
Contributor:
Penelope Chua
,
Contributor:
Benjamin Cao
Tracks
: Privacy, Network Security
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
QuickShell: Sharing is Caring About an RCE Attack Chain on Quick Share
Speaker:
Or Yair
,
Contributor:
Shmuel Cohen
Tracks
: Application Security: Offense, Platform Security
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Think Inside the Box: In-the-Wild Abuse of Windows Sandbox in Targeted Attacks
Speaker:
Hiroaki Hara
Tracks
: Malware, Threat Hunting & Incident Response
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
vCenter Lost: How the DCERPC Vulnerabilities Changed the Fate of ESXi
Speaker:
Hao Zheng
,
Speaker:
Zibo Li
,
Contributor:
Yue Liu
Tracks
: Exploit Development & Vulnerability Discovery, Cloud Security
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
Thursday | 11:00am
Morning Refreshment Break (Briefings)
Track
:
Location
: Orchid Main Ballroom
Thursday | 11:20am
JDD: In-depth Mining of Java Deserialization Gadget Chains via Bottom-up Gadget Search and Dataflow-aided Payload Construction
Speaker:
Bofei Chen
,
Speaker:
Yinzhi Cao
,
Contributor:
Lei Zhang
,
Contributor:
Xinyou Huang
,
Contributor:
Yuan Zhang
,
Contributor:
Min Yang
Tracks
: Application Security: Offense, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
ObfusQate: Where Quantum Magic Meets Code Security – Say Goodbye to Easy Cracking!
Speaker:
Vivek Balachandran
,
Contributor:
Nikhil Bartake
,
Contributor:
Zi Jie See Toh
,
Speaker:
Michael Kasper
Tracks
: Application Security: Defense, Application Security: Offense
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
The Oversights Under the Flow: Discovering and Demystifying the Vulnerable Tooling Suites From Azure MLOps
Speaker:
Peng Zhou
Tracks
: Platform Security, AI, ML, & Data Science
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
Tinker Tailor LLM Spy: Investigate & Respond to Attacks on GenAI Chatbots
Speaker:
Allyn Stott
Tracks
: AI, ML, & Data Science, Threat Hunting & Incident Response
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Thursday | 12:00pm
Lunch (Briefings)
Track
:
Location
: Orchid Main Ballroom
Thursday | 1:30pm
Bridging the Gap: Type Confusion and Boundary Vulnerabilities Between WebAssembly and JavaScript in V8
Speaker:
Nan Wang
,
Speaker:
Zhenghang Xiao
,
Contributor:
Xuehao Guo
,
Contributor:
Ming Hu
Track
: Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
Double Tap at the Blackbox: Hacking a Car Remotely Twice with MiTM
Speaker:
Yingjie Cao
,
Speaker:
Xinfeng Chen
Track
: Cyber-Physical Systems & IoT
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
Meetup - Cloud Security: Building Connections in the Cloud
Moderator:
Lidia Giuliano
,
Moderator:
Vandana Verma
Track
: Cloud Security
Format
: 40-Minute Meetup
Location
: Community Lounge, Business Hall
The Illusion of Isolation: How Isolation Failures in CI/CD Servers Lead to RCE and Privacy Risks
Speaker:
Tian Zhou
,
Speaker:
Yiwen Wang
,
Contributor:
Xiu Zhang
Tracks
: Enterprise Security, Application Security: Offense
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
Unveiling the Mysteries of Qualcomm's QDSP6 JTAG: A Journey into Advanced Theoretical Reverse Engineering
Speaker:
Alisa Esage
Track
: Reverse Engineering
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Thursday | 2:30pm
Determining Exploitability of Vulnerabilities with SBOM and VEX
Speaker:
Anusha Penumacha
,
Speaker:
Srinija Kammari
Tracks
: Enterprise Security, Application Security: Defense
Format
: 30-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
Enhancing Modern Threat Intelligence: The Pivotal Role of Large Language Models in Extracting Actionable TTP Attack Chains
Speaker:
Lorin Wu
,
Speaker:
Porot Mo
,
Contributor:
Jack Tang
Tracks
: AI, ML, & Data Science, Application Security: Defense
Format
: 30-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
One Bug to Rule Them All: Stably Exploiting a Preauth RCE Vulnerability on Windows Server 2025
Contributor:
Zhiniang Peng
,
Speaker:
Ver
,
Speaker:
Zishan Lin
Tracks
: Exploit Development & Vulnerability Discovery, Platform Security
Format
: 30-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
Who Cares Where Waldo Is. Locating macOS Users Without Their Consent
Speaker:
Wojciech Regula
Tracks
: Privacy, Exploit Development & Vulnerability Discovery
Format
: 30-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Thursday | 3:00pm
Afternoon Refreshment Break (Briefings)
Track
:
Location
: Orchid Main Ballroom
Thursday | 3:20pm
Foreign Information Manipulation and Interference (Disinformation 2.0) - How Patterns of Behavior in the Information Domain Threaten or Attack Organizations' Values, Procedures and Political Processes
Speaker:
Franky Saegerman
Tracks
: Policy, Defense
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities
Speaker:
Bonan Ruan
,
Speaker:
Jiahao Liu
,
Contributor:
Chuqi Zhang
,
Contributor:
Zhenkai Liang
Tracks
: Platform Security, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
Mini-App But Great Impact: New Ways to Compromise Mobile Apps
Speaker:
Wei Wen
,
Contributor:
Xiangyu Cao
,
Contributor:
Jiangchunxi Hou
,
Contributor:
Zixi Liao
,
Contributor:
Yingyan Song
,
Contributor:
Zhongcheng Li
,
Contributor:
Yijie Zhao
,
Speaker:
Bin Ma
Tracks
: Mobile, Application Security: Offense
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
Should We Chat, Too? Security Analysis of WeChat's MMTLS Encryption Protocol
Speaker:
Pellaeon Lin
,
Speaker:
Mona Wang
,
Contributor:
Jeffrey Knockel
Tracks
: Cryptography, Application Security: Offense
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
Thursday | 4:20pm
Fake Deals and Real Steals: The Art of E-Commerce Fraud
Speaker:
Sergey Shekyan
,
Speaker:
Qinger Chen
Tracks
: Defense, Enterprise Security
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
Invisible Ink: Privacy Risks of CSS in Browsers and Emails
Speaker:
Leon Trampert
,
Speaker:
Daniel Weber
Tracks
: Privacy, Enterprise Security
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
Operation BlackEcho: Voice Phishing Using Fake Financial and Vaccine Apps
Speaker:
Hyeji Heo
,
Speaker:
Sungchan Jang
,
Contributor:
Byungwoo Hwang
,
Contributor:
Jinyong Byun
,
Contributor:
Kuyju Kim
Tracks
: Human Factors, Malware
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
Watch Your Phone: Novel USB-Based File Access Attacks Against Mobile Devices
Speaker:
Florian Draschbacher
,
Speaker:
Lukas Maar
Tracks
: Mobile, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Friday | 8:00am
Morning Break
Track
:
Location
: Orchid Main Ballroom
Friday | 9:00am
Keynote: Perspectives on Trust in Hardware Supply Chains
Speaker:
Bunnie Huang
Track
: Keynote
Format
: 60-Minute Keynote
Location
: Roselle Junior Ballroom 4611/4711
Friday | 10:20am
(Mis)adventures with Copilot+: Attacking and Exploiting Windows NPU Drivers
Speaker:
Nicola Stauffer
,
Contributor:
Gürkan Gür
Tracks
: Application Security: Offense, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
Behind Closed Doors - Bypassing RFID Readers
Speaker:
Julia Zduñczyk
Track
: Cyber-Physical Systems & IoT
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
Impostor Syndrome - Hacking Apple MDMs Using Rogue Device Enrolments
Speaker:
Marcell Molnár
,
Contributor:
Magdalena Oczad³y
Tracks
: Enterprise Security, Reverse Engineering
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
Standing on the Shoulders of Giants: De-Obfuscating WebAssembly Using LLVM
Speaker:
Vikas Gupta
,
Speaker:
Peter Garba
Track
: Reverse Engineering
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Friday | 11:00am
Morning Refreshment Break (Briefings)
Track
:
Location
: Orchid Main Ballroom
Friday | 11:20am
A Closer Look at the Gaps in the Grid: New Vulnerabilities and Exploits Affecting Solar Power Systems
Speaker:
Daniel dos Santos
,
Speaker:
Francesco La Spina
,
Contributor:
Stanislav Dashevskyi
Tracks
: Cyber-Physical Systems & IoT, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks
Speaker:
Zhiwei Lin
,
Speaker:
Ziyu Lin
Tracks
: Network Security, Cloud Security
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
I Have Got to Warn You, It Is a Learning Robot: Using Deep Learning Attribution Methods for Fault Injection Attacks
Speaker:
Karim Abdellatif
Tracks
: Hardware / Embedded, AI, ML, & Data Science
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
The Drone Supply Chain's Grand Siege: From Initial Breaches to Long-Term Espionage on High-Value Targets
Contributor:
Pierre Lee
,
Speaker:
Vickie Su
,
Speaker:
Philip Chen
Tracks
: Threat Hunting & Incident Response, Malware
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Friday | 12:00pm
Lunch (Briefings)
Track
:
Location
: Orchid Main Ballroom
Friday | 1:30pm
Dismantling the SEOS Protocol
Speaker:
Iceman
,
Speaker:
Adam (evildaemond) Foster
Tracks
: Hardware / Embedded, Reverse Engineering
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
KernelSnitch: Leaking Kernel Heap Pointers by Exploiting Software-Induced Side-Channel Leakage of Kernel Hash Tables
Speaker:
Lukas Maar
,
Speaker:
Jonas Juffinger
Tracks
: Exploit Development & Vulnerability Discovery, Platform Security
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
Meetup - Staying Sharp & Staying Legal: Ethical Hacking in APAC
Moderator:
Fyodor Yarochkin
Track
: Policy
Format
: 40-Minute Meetup
Location
: Community Lounge, Business Hall
The ByzRP Solution: A Global Operational Shield for RPKI Validators
Speaker:
Donika Mirdita
,
Speaker:
Jens Frieß
,
Contributor:
Haya Schulmann
,
Contributor:
Michael Waidner
Tracks
: Network Security, Application Security: Defense
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
The Problems of Embedded Python in Excel, or How to Excel in Pwning Pandas
Speaker:
Shalom Carmel
,
Contributor:
Ofir Carmel
Tracks
: Platform Security, Cloud Security
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
Friday | 2:30pm
AI-Powered Image-Based Command and Control (C2) Framework: Utilizing AI Models to Conceal and Extract Commands in C2 Images
Speaker:
Qian Feng
,
Speaker:
Chris Navarrete
Tracks
: Malware, AI, ML, & Data Science
Format
: 30-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Inbox Invasion: Exploiting MIME Ambiguities to Evade Email Attachment Detectors
Speaker:
Jiahe Zhang
,
Contributor:
Jianjun Chen
,
Contributor:
Qi Wang
,
Contributor:
Hangyu Zhang
,
Contributor:
Shengqiang Li
,
Contributor:
Chuhan Wang
,
Contributor:
Jianwei Zhuge
,
Contributor:
Haixin Duan
Tracks
: Application Security: Offense, Enterprise Security
Format
: 30-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
State Manipulation: Unveiling New Attack Vectors in Bluetooth Vulnerability Discovery through Protocol State Machine Reconfiguration
Speaker:
Lidong Li
,
Speaker:
Oliver Dong
,
Speaker:
Xiao Wang
,
Contributor:
Lewei Qu
Tracks
: Exploit Development & Vulnerability Discovery, Cyber-Physical Systems & IoT
Format
: 30-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
Sweeping the Blockchain: Unmasking Illicit Accounts in Web3 Scams
Speaker:
Wenkai Li
,
Contributor:
Zhijie Liu
,
Contributor:
Xiaoqi Li
Tracks
: Defense, Platform Security
Format
: 30-Minute Briefings
Location
: Simpor Junior Ballroom 4810/4910
Friday | 3:00pm
Afternoon Refreshment Break (Briefings)
Track
:
Location
: Orchid Main Ballroom
Friday | 3:20pm
Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet
Speaker:
Radu Motspan
,
Speaker:
Mikhail Evdokimov
,
Speaker:
Polina Smirnova
Tracks
: Hardware / Embedded, Reverse Engineering
Format
: 40-Minute Briefings
Location
: Orchid Junior Ballroom 4211/4311
The Black Hat Asia Network Operations Center (NOC) Report
Speaker:
Neil (Grifter) Wyler
,
Speaker:
Bart Stump
Tracks
: Network Security, Application Security: Defense
Format
: 40-Minute Briefings
Location
: Roselle Junior Ballroom 4611/4711
Weaponized Deception: Lessons from Indonesia's Muslim Cyber Army
Speaker:
Tim Pappa
Tracks
: Human Factors, Threat Hunting & Incident Response
Format
: 40-Minute Briefings
Location
: Simpor Junior Ballroom 4813/4913
Friday | 4:20pm
Locknote: Highlights & Key Takeaways from Black Hat Asia 2025
Moderator:
Daniel Cuthbert
,
Panelist:
Ryan Flores
,
Panelist:
Vitaly Kamluk
,
Moderator:
Jeff Moss
,
Panelist:
Asuka Nakajima
,
Panelist:
Vandana Verma
Track
: Keynote
Format
: 40-Minute Keynote
Location
: Roselle Junior Ballroom 4611/4711