43:10
The Hack@DAC Story: Learnings from Organizing the World's Largest Hardware Hacking Competition
30:04
Privacy Detective: Sniffing Out Your Data Leaks for Android
37:23
Debug7: Leveraging a Firmware Modification Attack for Remote Debugging of Siemens S7 PLCs
43:05
The Final Chapter: Unlimited ways to bypass your macOS privacy mechanisms
29:16
One Flip is All It Takes: Identifying Syscall-Guard Variables for Data-Only Attacks
31:35
Faults in Our Bus: Novel Bus Fault Attack to Break Trusted Execution Environments
40:22
You Shall Not PASS - Analysing a NSO iOS Spyware Sample
27:59
Voice Phishing Syndicates Unmasked: An In-Depth Investigation and Exposure
38:48
URB Excalibur: The New VMware All-Platform VM Escapes
36:58
Unveiling the Cracks in Virtualization, Mastering the Host System--VMware Workstation Escape
32:32
The Key to Remote Vehicle Control: Autonomous Driving Domain Controller
36:27
The Hole in Sandbox: Escape Modern Web-Based App Sandbox From Site-Isolation Perspective
41:21
The Fault in Our Metrics: Rethinking How We Measure Detection & Response
42:45
The Dark Side of EDR: Repurpose EDR as an Offensive Tool
42:44
The Black Hat Asia Network Operations Center (NOC) Report
33:05
SystemUI As EvilPiP: The Hijacking Attacks on Modern Mobile Devices
25:18
Operation PoisonedApple: Tracing Credit Card Information Theft to Payment Fraud
36:59
Magicdot: A Hacker's Magic Show of Disappearing Dots and Spaces
43:03
LLMs at the Core: From Attention to Action in Scaling Security Teams
35:47
LLM4Shell: Discovering and Exploiting RCE Vulnerabilities in Real-World LLM-Integrated Frameworks
28:31
Immoral Fiber: Unlocking & Discovering New Offensive Capabilities of Fibers
41:01
How to Make Hugging Face to Hug Worms: Discovering and Exploiting Unsafe Pickle.loads
44:00
How to Get the Most Out of the Python Decompilers Uncompyle6 and Decompyle3 - How to Write and Read
33:57
Game of Cross Cache: Let's Win It in a More Effective Way!
37:27
From BYOVD to a 0-day: Unveiling Advanced Exploits in Cyber Recruiting Scams
40:18
EDR Reloaded: Erase Data Remotely
40:34
Confused Learning: Supply Chain Attacks through Machine Learning Models
38:53
Cloud Console Cartographer: Tapping Into Mapping- Slogging Thru Logging
32:09
Chinese APT: A Master of Exploiting Edge Devices
41:05
China's Military Cyber Operations: Has the Strategic Support Force Come of Age?
26:46
CertifiedDCOM: The Privilege Escalation Journey to Domain Admin with DCOM
31:13
Bypassing Entra ID Conditional Access Like APT: A Deep Dive Into Device Authentication Mechanisms
43:57
Breaking Managed Identity Barriers In Azure Services
39:00
Bad Randomness: Protecting Against Cryptography's Perfect Crime
26:01
Back to the Roots: Finding the Origin of CSP Security Bugs
31:35
Attacking Debug Modules In The Android Ecosystem
23:30
A Glimpse Into The Protocol: Fuzz Windows RDP Client For Fun And Profit
02:47
Black Hat Asia 2024 Highlights
00:48
Startup Spotlight Competition at Black Hat
47:58
Locknote: Conclusions and Key Takeaways from Day 2
48:02
Locknote: Conclusions and Key Takeaways from Day 1
01:05:00
Keynote: My Lessons from the Uber Case
41:02
Keynote: Industrialising Cyber Defence in an Asymmetric World
38:03
The Black Hat Europe Network Operations Center (NOC) Report
40:39
My Invisible Adversary: Burnout
44:30
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility
28:23
A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to Enable BCP38
35:58
Collide+Power: The Evolution of Software-based Power Side-Channels Attacks
26:36
Through the Looking Glass: How Open Source Projects See Vulnerability Disclosure
31:20
New Techniques for Split-Second DNS Rebinding
40:27
Something Rotten in the State of Data Centers
36:13
When The Front Door Becomes a Backdoor: The Security Paradox of OSDP
35:22
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools
29:33
Kidnapping Without Hostages: Virtual Kidnapping and the Dark Road Ahead
23:13
TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
30:14
One Million ASUS Routers Under Control: Exploiting ASUS DDNS to MITM Admin Credentials
39:50
Off The Record - Weaponizing DHCP DNS Dynamic Updates
34:17
Breaching the Perimeter via Cloud Synchronized Browser Settings
38:19
Hiding in the Clouds: Abusing Azure DevOps Services to Bypass Microsoft Sentinel Analytic Rules
39:28
Vulnerabilities in Old Third-Party Software Components- Importance of Having SBoM for IoT/OT Devices
X
About
Black Hat is the most technical and relevant information security event series in the world. For more than 25 years, Black Hat Briefings have provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and Trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.
From its inception in 1997, Black Hat has grown from a single annual conference in Las Vegas to the most respected information security event series internationally. Today, Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia, providing a premier venue for elite security researchers and trainers to find their audience.
Tags