CONFERENCE
DATE |
NAME |
CATEGORY |
SUBCATEGORY |
INFO |
2025 |
CONFERENCE |
BLACK HAT 2025 ASIA |
In-car dash cameras (dashcams) have become quintessential to our daily lives, supported by guidelines and regulations from insurance companies as part of insurance reduction or substantiating claims during an accident. However, this can be a double-edged sword without proper security measures, potentially compromising privacy and increasing susceptibility to identity theft. |
2025 |
QuickShell: Sharing is Caring About an RCE Attack Chain on Quick Share |
CONFERENCE |
BLACK HAT 2025 ASIA |
Quick Share (formerly Nearby Share) has allowed Android users to easily share files for four years now. A year ago, Google introduced a Windows version. |
2025 |
Think Inside the Box: In-the-Wild Abuse of Windows Sandbox in Targeted Attacks |
CONFERENCE |
BLACK HAT 2025 ASIA |
Windows Sandbox is a lightweight virtualization mechanism introduced in 2018, designed to provide an isolated desktop environment for quickly testing suspicious applications. However, this feature can also serve as a "magic cloak" for adversaries. |
2025 |
vCenter Lost: How the DCERPC Vulnerabilities Changed the Fate of ESXi |
CONFERENCE |
BLACK HAT 2025 ASIA |
As one of the most widely-used commercial virtualization platforms, the security of VMware virtualization suite has long been a focal point of scrutiny. Over the past few years, we have focused extensively on identifying vulnerabilities within VMware products, particularly those in ESXi and Workstation virtualization implementations. |
2025 |
CONFERENCE |
BLACK HAT 2025 ASIA |
Java serialization and deserialization facilitate cooperation between different Java systems, enabling convenient data and code exchange. However, a significant vulnerability known as Java Object Injection (JOI) allows remote attackers to inject crafted serialized objects, triggering internal Java methods (gadgets) and resulting in severe consequences such as remote code execution (RCE). |
2025 |
CONFERENCE |
BLACK HAT 2025 ASIA |
With the new AI moving to the cloud, a sequence of ML/AI tooling suites has been integrated into the core Azure DevOps functionalities, yielding a new concept of MLOps to enable the LLM capabilities for Azure. |
2025 |
CONFERENCE |
BLACK HAT 2025 ASIA |
As WebAssembly becomes more integrated into modern web browsers, its interaction with JavaScript creates new opportunities for performance optimization, but also introduces significant security risks. This presentation dives deep into the vulnerabilities emerging from the boundaries between WebAssembly and JavaScript, with a focus on type confusion issues and improper handling of object boundaries within the V8 engine. |
2025 |
Double Tap at the Blackbox: Hacking a Car Remotely Twice with MiTM |
CONFERENCE |
BLACK HAT 2025 ASIA |
Obtaining the hardware, extracting firmware, and then reverse engineering to uncover vulnerabilities in automotive systems is a common practice within the vehicle security community. However, access to vehicle components can often be limited—especially for newer models—making it challenging for researchers who do not own the vehicle. Dissecting a car can also be risky and expensive for many security researchers. |
2025 |
The Illusion of Isolation: How Isolation Failures in CI/CD Servers Lead to RCE and Privacy Risks |
CONFERENCE |
BLACK HAT 2025 ASIA |
For many years, security research on CI/CD platforms has been a popular topic, but researchers often tend to look for flaws that are visibly present across various functionalities within the workflow rather than auditing CI/CD platform implementations to analyze application mechanisms and identify potential vulnerabilities. |
2025 |
CONFERENCE |
BLACK HAT 2025 ASIA |
This talk invites you on an exploration of advanced reverse engineering techniques applied to sophisticated proprietary hardware. Rather than focusing on well-known hands-on methods such as hardware decapsulation and schematic analysis, I will demonstrate how a unique combination of patent analysis, firmware reverse engineering, and theoretical modeling can unlock the intricacies of undocumented hardware technologies and their application semantics. |
2025 |
Determining Exploitability of Vulnerabilities with SBOM and VEX |
CONFERENCE |
BLACK HAT 2025 ASIA |
Software Composition Analysis tools are known to generate a flood of vulnerability data in third party code. The key challenge today is determining the number of vulnerabilities that are actually exploitable in the products that are shipped. A lot of tools have started exploring this problem. However, it cannot be completely solved without internal developer context on how a third party package is being used. |
2025 |
CONFERENCE |
BLACK HAT 2025 ASIA |
Currently, the application of LLMs within the security landscape has achieved widespread adoption, becoming a standard practice across the industry. In the realm of threat intelligence, LLMs have distinguished themselves through their exceptional capabilities in extracting IOCs and summarizing cyberattack reports, significantly enhancing the efficiency and precision of threat intelligence processing. |
2025 |
One Bug to Rule Them All: Stably Exploiting a Preauth RCE Vulnerability on Windows Server 2025 |
CONFERENCE |
BLACK HAT 2025 ASIA |
As the security protection mechanisms of the Windows operating system are constantly being proposed and applied, it is becoming increasingly difficult to find exploitable vulnerabilities on current Windows, especially vulnerabilities that can cause preauth 0-click RCE. But are there really no such vulnerabilities? |
2025 |
Foreign Information Manipulation and Interference (Disinformation 2.0) - How Patterns of Behavior in the Information Domain Threaten or Attack Organizations' Values, Procedures and Political Processes |
CONFERENCE |
BLACK HAT 2025 ASIA |
Over the past decade, foreign information manipulation and interference (FIMI) operations have grown in complexity and scope. More specifically, Russia and China have continuously invested resources into developing their hybrid warfare strategy. Hybrid warfare goes beyond physical confrontation. |
2025 |
KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities |
CONFERENCE |
BLACK HAT 2025 ASIA |
Linux kernel vulnerability reproduction is a critical task in system security. To reproduce a kernel vulnerability, the vulnerable environment and the Proof of Concept (PoC) program are needed. Most existing research focuses on the generation of PoC, while the construction of the environment is overlooked. |
2025 |
Mini-App But Great Impact: New Ways to Compromise Mobile Apps |
CONFERENCE |
BLACK HAT 2025 ASIA |
In the mobile app ecosystem, super-apps serve as platforms hosting mini-apps, facilitating cross-platform operation across Android and iOS. Traditionally, attacks on mobile apps have targeted native applications, web pages, and networks. Our research pioneers a novel exploitation vector targeting mobile apps via mini-apps. |
2025 |
Should We Chat, Too? Security Analysis of WeChat's MMTLS Encryption Protocol |
CONFERENCE |
BLACK HAT 2025 ASIA |
WeChat, with over 1.2 billion monthly active users, stands as the most popular messaging and social media platform in China and third globally. Instead of TLS, WeChat mainly uses a proprietary network encryption protocol called "MMTLS". We performed the first public analysis of the security and privacy properties of MMTLS and found it to be a modified version of TLS 1.3, with many of the modifications that WeChat developers made to the cryptography introducing weaknesses. |
2025 |
Invisible Ink: Privacy Risks of CSS in Browsers and Emails |
CONFERENCE |
BLACK HAT 2025 ASIA |
Recently, Google Chrome and other browsers have started restricting traditional tracking methods, such as third-party cookies, to improve user privacy. Still, websites can leverage browser fingerprinting to track users across websites, even when they try to protect their privacy. Interestingly, the same principles can be leveraged to enhance the security of web applications, such as in risk-based authentication, where users are identified based on their browser fingerprint. |
2025 |
Operation BlackEcho: Voice Phishing Using Fake Financial and Vaccine Apps |
CONFERENCE |
BLACK HAT 2025 ASIA |
Voice phishing (a.k.a. vishing) is a crime in which scammers deceive victims through phone calls in order to fraudulently obtain funds or steal personal information. |
2025 |
Watch Your Phone: Novel USB-Based File Access Attacks Against Mobile Devices |
CONFERENCE |
BLACK HAT 2025 ASIA |
Modern mobile OSs employ lock screens and user confirmation prompts to shield sensitive data from attackers with access to the device's USB port. In this talk, we present novel attacks and attack techniques that bypass both of these critical security mechanisms to gain USB-based file access on state-of-the-art mobile devices. |
2025 |
(Mis)adventures with Copilot+: Attacking and Exploiting Windows NPU Drivers |
CONFERENCE |
BLACK HAT 2025 ASIA |
In May 2024, Microsoft introduced a new category of PCs designed for AI, called Copilot+ PCs. According to Microsoft, those PCs are starting a new chapter of AI integration on Windows and, thus, personal computing. Each device will have an NPU enabling the device to run Large-Language Models (LLMs) locally. But how exactly were those NPUs integrated into Windows? |
2025 |
Behind Closed Doors - Bypassing RFID Readers |
CONFERENCE |
BLACK HAT 2025 ASIA |
Cloning RFID tags - you probably tried it, or at least heard about it. |
2025 |
Impostor Syndrome - Hacking Apple MDMs Using Rogue Device Enrolments |
CONFERENCE |
BLACK HAT 2025 ASIA |
Apple's solution for mobile device management seems like an airtight process. Enterprise customers buy devices from registered retailers, these are automatically registered in Apple Business Manager which in turn integrates seamlessly with the customer's choice of MDM platform. A company can have devices set up and shipped to remote employees without ever touching them. |
2025 |
Standing on the Shoulders of Giants: De-Obfuscating WebAssembly Using LLVM |
CONFERENCE |
BLACK HAT 2025 ASIA |
WebAssembly (Wasm) is an increasingly popular compilation target, offering compact representation, efficient validation and compilation, and safe low to no-overhead execution. Wasm is popular not only on the browsers but finding adoption across various platforms. As its popularity grows for various applications, so does the need to obfuscate it, subsequently raising the necessity to de-obfuscate. In this talk we will discuss how to de-obfuscate Wasm code using LLVM compiler infrastructure. |
2025 |
A Closer Look at the Gaps in the Grid: New Vulnerabilities and Exploits Affecting Solar Power Systems |
CONFERENCE |
BLACK HAT 2025 ASIA |
Distributed energy resources (DER), such as solar power systems, are rapidly becoming essential elements of power grids worldwide. However, cybersecurity for these systems is often an afterthought, creating a growing risk to grid reliability. While each residential solar system produces limited power, their combined output reaches dozens of gigawatts — making their collective impact on grid stability too significant to ignore. |
2025 |
CDN Cannon: Exploiting CDN Back-to-Origin Strategies for Amplification Attacks |
CONFERENCE |
BLACK HAT 2025 ASIA |
Content Delivery Networks (CDNs) are widely adopted to enhance web performance and offer protection against DDoS attacks. However, our research unveils a critical vulnerability within CDN back-to-origin strategies, allowing attackers to exploit these mechanisms for massive amplification attacks, termed as Back-to-Origin Amplification (BtOAmp) attacks. These attacks leverage CDN configurations that prioritize performance over security, leading to the exhaustion of origin server resources. |
2025 |
I Have Got to Warn You, It Is a Learning Robot: Using Deep Learning Attribution Methods for Fault Injection Attacks |
CONFERENCE |
BLACK HAT 2025 ASIA |
Deep Learning (DL) has recently received significant attention in breaking cryptographic implementations on embedded systems. However, research on the subject mostly focused on side-channel attacks (SCAs). |
2025 |
The Drone Supply Chain's Grand Siege: From Initial Breaches to Long-Term Espionage on High-Value Targets |
CONFERENCE |
BLACK HAT 2025 ASIA |
In mid-2024, we disclosed a cyber campaign named TIDRONE, attributed to an unidentified threat actor likely linked to Chinese-speaking groups. This campaign revealed a strong focus on the military industry, specifically targeting drone manufacturers in Taiwan. |
2025 |
Dismantling the SEOS Protocol |
CONFERENCE |
BLACK HAT 2025 ASIA |
In this talk, we present the first open source implementation of HID SEOS communication protocol over RFID. HID SEOS is a credential technology designed to provide enhanced security, flexibility, and convenience for access control and identity management applications. |
2025 |
KernelSnitch: Leaking Kernel Heap Pointers by Exploiting Software-Induced Side-Channel Leakage of Kernel Hash Tables |
CONFERENCE |
BLACK HAT 2025 ASIA |
In this talk, we present a generic software-induced side-channel attack, KernelSnitch, on the operating system. With this new side-channel attack we opened up a novel attack surface in operating systems that is both potent and difficult to patch. |
2025 |
The ByzRP Solution: A Global Operational Shield for RPKI Validators |
CONFERENCE |
BLACK HAT 2025 ASIA |
The Border Gateway Protocol (BGP) is the core routing protocol on the Internet, but it lacks security mechanisms. At the same time, the democratization of access has transformed the Internet into the default platform, where global services and communications happen. |
2025 |
The Problems of Embedded Python in Excel, or How to Excel in Pwning Pandas |
CONFERENCE |
BLACK HAT 2025 ASIA |
In Windows build 2407, Microsoft released Python support inside Excel as embedded =PY() functions. According to the Microsoft website: "Python in Excel brings the power of Python analytics into Excel. |
2025 |
AI-Powered Image-Based Command and Control (C2) Framework: Utilizing AI Models to Conceal and Extract Commands in C2 Images |
CONFERENCE |
BLACK HAT 2025 ASIA |
Generative AI concentrates on generating novel and unique content in various forms, including text, image, and video. Many researchers focus on utilizing GenAI models to improve our lives or identifying vulnerabilities in GenAI models. |
2025 |
Inbox Invasion: Exploiting MIME Ambiguities to Evade Email Attachment Detectors |
CONFERENCE |
BLACK HAT 2025 ASIA |
Email attachments have become a favored delivery vector for malware campaigns. In response, email attachment detectors are widely deployed to safeguard email security. However, an emerging threat arises when adversaries exploit parsing discrepancies between email detectors and clients to evade detection. Currently, uncovering these vulnerabilities still depends on manual, ad hoc methods. |
2025 |
State Manipulation: Unveiling New Attack Vectors in Bluetooth Vulnerability Discovery through Protocol State Machine Reconfiguration |
CONFERENCE |
BLACK HAT 2025 ASIA |
The Bluetooth protocol has become ubiquitous, supporting a wide range of devices from personal gadgets like headphones and smartphones to complex systems in automotive and IoT environments. While Bluetooth's flexibility and performance have been thoroughly validated, an overlooked attack surface exists within the protocol's underlying state machines. |
2025 |
Sweeping the Blockchain: Unmasking Illicit Accounts in Web3 Scams |
CONFERENCE |
BLACK HAT 2025 ASIA |
The web3 applications have recently been growing, especially on the Ethereum platform, starting to become the target of scammers. The web3 scams, imitating the services provided by legitimate platforms, mimic regular activity to deceive users. |
2025 |
Remote Exploitation of Nissan Leaf: Controlling Critical Body Elements from the Internet |
CONFERENCE |
BLACK HAT 2025 ASIA |
Today's vehicles are evolving rapidly, with a rising number of electric models and an expanding array of digital technologies, such as onboard Wi-Fi, Bluetooth, and USB connectivity. These advancements are making cars increasingly connected and technologically complex. However, most vehicles still have largely proprietary internal systems, which, coupled with the critical importance of automotive safety, makes them a significant area of focus for security research. |
2025 |
Weaponized Deception: Lessons from Indonesia's Muslim Cyber Army |
CONFERENCE |
BLACK HAT 2025 ASIA |
A defunct Indonesian cyber deception collective of attackers known as Muslim Cyber Army (MCA) modeled one of the first known examples of weaponizing deception and disinformation to disrupt Indonesian politics more than a decade ago, well before the notorious Russian attempts to undermine American electoral politics in 2016. |