CanSecWest 2015
CanSecWest 2015 Files
Project Zero: Making 0days Hard
- Ben Hawkes, Chris Evans Google
Taming wild copies: from hopeless crash to working exploit
- Chris Evans @scarybeasts of Google's Project Zero
I see therefore I am.... You
- Jan "starbug" Krissler, T-Labs/CCC
Smart COM fuzzing tool - Explore More Sandbox Bypassing Surface in COM objects
- Xiaoning Li & Haifei Li, Intel
A new class of vulnerability in SMI Handlers of BIOS/UEFI Firmware
- John Loucaides & Andrew Furtak, Intel
Sexrets in LoadLibrary
- Yang Yu @tombkeeper, Tencent
Attacking WebKit Applications by exploiting memory corruption bugs
- Liang Chen of KeenTeam
Userland Exploits of Pangu 8
- Team Pangu @PanguTeam
Attacks on UEFI Security
- Rafal Wojtczuk & Corey Kallenberg
FreeSentry: Protecting against use-after-free vulnerabilities due to dangling pointers
- Yves Younan, Cisco (Sourcefire/VRT)
DLL Hijacking' on OS X? #@%& Yeah!
- Patrick Wardle @patrickwardle, Synack
Memminer: Real-Time Passive Volatile Memory Inspection Inside Virtual Machines
- John Williams, EY
NDIS Packet of Death: Turning Windows' Complexity Against Itself
- Nitay Artenstein, Checkpoint
How many million BIOSes would you like to infect?
- Corey Kallenberg & Xeno Kovah, LegbaCore
UEFI, Open Platforms and the Defender's Dillema
- Vincent Zimmer, Intel
Wolf in Sheep's Clothing: Your Next APT is Already Whitelisted
- Fabio Assolini and Juan Andres Guerrero-Saade
There's Something About WMI
- Christopher Glyer and Devon Kerr, Mandiant
Credential Assessment: Mapping Privilege Escalation at Scale
- Matthew Weeks, root9b
From baseband to bitstream and back again: What security researchers really want to do with SDR
- Andy Davis, NCC Group
Bootkit via SMS: 4G access level security assessment
- Kirill Nesterov and Timur Yunusov