Best Talks of Black Hat USA 2016

Black Hat USA 2016 is a conference that brings together the best minds in security (hackers and CIA people) to determine what kind of future we will live in. What happened in Vegas stays in Vegas. Still, video recordings of 120 talks have reached us.


I went to some trouble and picked a personal top-18 list of the most interesting talks, which may be worth translating and publishing on Habr.

Social engineering, DDoS, linguistic traits of phone scammers, insurance in information security, Dragons & Dungeons for cybersecurity, side-channel attacks, lots of (black) humor, drones.
Suggest your own picks for the most interesting talk; maybe I missed something.


DARKreading's list: 10 Hottest Talks at Black Hat USA 2016
  • Advanced CAN Injection Techniques for Vehicle Networks
  • Breaking FIDO: Are Exploits In There?
  • Design Approaches for Security Automation
  • Timing Attacks Have Never Been So Practical: Advanced Cross-Site Search Attacks
  • Windows 10 Mitigation Improvements
  • The Linux Kernel Hidden Inside Windows 10
  • 1000 Ways to Die in Mobile OAuth
  • GATTacking Bluetooth Smart Devices—Introducing a New BLE Proxy Tool
  • Into The Core—An In-Depth Exploration of the Windows 10 IoT Core
  • A Lightbulb Worm?


How to Make People Click on a Dangerous Link Despite Their Security Awareness



slides

video


Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud


slides PDF
video


Drone Attacks on Industrial Wireless: A New Front in Cyber Security


slides

video


Using Undocumented CPU Behavior to See Into Kernel Mode and Break Kaslr in the Process


slides

video


Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools


slides

video


1000 Ways to Die in Mobile Oauth


slides

video


An insider's Guide to Cyber-Insurance and Security Guarantees

slides

video


Investigating DDOS — Architecture Actors and Attribution


video


Language Properties of Phone Scammers: Cyberdefense At the Level of the Human


slides

video


The Tao of Hardware, the Te of Implants


slides

video


Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter


slides

video


Cyber War in Perspective: Analysis From the Crisis in Ukraine


slides

video


Security Through Design — Making Security Better By Designing for People


slides

video


Side-Channel Attacks on Everyday Applications


slides

video


Dungeons Dragons and Security


slides

video


VoIP Wars: the Phreakers Awaken


slides

video


Defense At Hyperscale: Technologies and Policies for a Defensible Cyberspace


slides

video


Brute-Forcing Lockdown Harddrive PIN Codes


slides
video


List of all talks

Playlist here: Black Hat USA 2016 PlayList
  1. Why This Internet Worked How We Could Lose It and the Role Hackers Play
  2. A Journey From JNDI/LDAP Manipulation to Remote Code Execution Dream Land
  3. The Art of Defense — How Vulnerabilities Help Shape Security Features and Mitigations in Android
  4. Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud
  5. Applied Machine Learning for Data Exfil and Other Fun Topics
  6. Canspy: A Platform for Auditing Can Devices
  7. Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization
  8. Over the Edge: Silently Owning Windows 10's Secure Browser
  9. How to Make People Click on a Dangerous Link Despite Their Security Awareness
  10. Certificate Bypass: Hiding and Executing Malware From a Digitally Signed Executable
  11. Pay No Attention to That Hacker Behind the Curtain: A Look Inside the Black Hat Network
  12. Drone Attacks on Industrial Wireless: A New Front in Cyber Security
  13. Hackproofing Oracle Ebusiness Suite
  14. Using Undocumented CPU Behavior to See Into Kernel Mode and Break Kaslr in the Process
  15. Gattacking Bluetooth Smart Devices — Introducing a New BLE Proxy Tool
  16. Measuring Adversary Costs to Exploit Commercial Software
  17. Removing Roadblocks to Diversity
  18. HEIST: HTTP Encrypted Information Can Be Stolen Through TCP-Windows
  19. Memory Forensics Using Virtual Machine Introspection for Cloud Computing
  20. Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools
  21. Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
  22. Towards a Holistic Approach in Building Intelligence to Fight Crimeware
  23. Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root
  24. The Remote Malicious Butler Did It!
  25. Xenpwn: Breaking Paravirtualized Devices
  26. PWNIE
  27. An Open Collaborative Effort to Ameliorate Android N-Day Root Exploits
  28. Understanding HL7 2.X Standards, Pen Testing, and Defending HL7 2.X Messages
  29. 1000 Ways to Die in Mobile Oauth
  30. A Retrospective on the Use of Export Cryptography
  31. Windows 10 Segment Heap Internals
  32. Abusing Bleeding Edge Web Standards for Appsec Glory
  33. AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It
  34. Analysis of the Attack Surface of Windows 10 Virtualization-Based Security
  35. Augmenting Static Analysis Using Pintool: Ablation
  36. An insider's Guide to Cyber-Insurance and Security Guarantees
  37. Cunning With Cng: Soliciting Secrets From Schannel
  38. Beyond the Mcse: Active Directory for the Security Professional
  39. Does Dropping Usb Drives in Parking Lots and Other Places Really Work?
  40. Demystifying the Secure Enclave Processor
  41. I Came to Drop Bombs: Auditing the Compression Algorithm Weapon Cache
  42. Breaking Payment Points of Interaction (POI)
  43. Into the Core: In-Depth Exploration of Windows 10 IoT Core
  44. Hacking Next-Gen Atms: From Capture to Cashout
  45. Can You Trust Me Now? An Exploration Into the Mobile Threat Landscape
  46. Investigating DDOS — Architecture Actors and Attribution
  47. Intra-Process Memory Protection for Applications on ARM and X86: Leveraging the ELF ABI
  48. Capturing 0Day Exploits With Perfectly Placed Hardware Traps
  49. Next-Generation of Virus Detection Kit By Building Simulated Obfuscators
  50. HTTP/2 & Quic — Teaching Good Protocols to Do Bad Things
  51. Pwning Your Java Messaging With Deserialization Vulnerabilities
  52. Language Properties of Phone Scammers: Cyberdefense At the Level of the Human
  53. Recover a RSA Private Key From a TLS Session With Perfect Forward Secrecy
  54. The Linux Kernel Hidden Inside Windows 10
  55. O-Checker: Detection of Malicious Documents Through Deviation From File Format Specifications
  56. The Tao of Hardware, the Te of Implants
  57. Access Keys Will Kill You Before You Kill the Password
  58. Hell on Earth: From Browser to System Compromise
  59. Discovering and Exploiting Novel Security Vulnerabilities in Apple Zeroconf
  60. BadWPAD
  61. Breaking Kernel Address Space Layout Randomization (Kaslr) With Intel TSX
  62. Airbnbeware: Short Term Rentals Long Term Pwnage
  63. Account Jumping Post Infection Persistency & Lateral Movement in AWS
  64. Captain Hook: Pirating Avs to Bypass Exploit Mitigations
  65. Hardening AWS Environments and Automating Incident Response for AWS Compromises
  66. Crippling HTTPs With Unholy PAC
  67. Horse Pill: A New Type of Linux Rootkit
  68. Design Approaches for Security Automation
  69. Greatfet: Making Goodfet Great Again
  70. SGX Secure Enclaves in Practice: Security and Crypto Review
  71. Using EMET to Disable EMET
  72. Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter
  73. Viral Video — Exploiting Ssrf in Video Converters
  74. AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion
  75. Windows 10 Mitigation Improvements
  76. Brute-Forcing Lockdown Harddrive PIN Codes
  77. Building a Product Security Incident Response Team: Learnings From the Hivemind
  78. Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions
  79. Cyber War in Perspective: Analysis From the Crisis in Ukraine
  80. Breaking Fido: Are Exploits in There?
  81. Security Through Design — Making Security Better By Designing for People
  82. Iran's Soft-War for Internet Dominance
  83. Side-Channel Attacks on Everyday Applications
  84. The Risk From Power Lines: How to Sniff the G3 and Prime Data and Detect the Interfere Attack
  85. Unleash the Infection Monkey: A Modern Alternative to Pen-Tests
  86. OSS Security Maturity: Time to Put on Your Big Boy Pants!
  87. Watching Commodity Malware Get Sold to a Targeted Actor
  88. PanGu 9 Internals
  89. A Lightbulb Worm?
  90. BadTunnel: How Do I Get Big Brother Power?
  91. PLC-Blaster: A Worm Living Solely in the PLC
  92. A Risk-Based Approach for Defining User Training and Awarding Administrative Privileges
  93. Dungeons Dragons and Security
  94. The Year in Flash
  95. Dark Side of the DNS Force
  96. VoIP Wars: the Phreakers Awaken
  97. Keystone Engine: Next Generation Assembler Framework
  98. Pindemonium: A DBI-Based Generic Unpacker for Windows Executable
  99. Web Application Firewalls: Analysis of Detection Logic
  100. Defense At Hyperscale: Technologies and Policies for a Defensible Cyberspace
  101. Crumbling the Supercookie and Other Ways the Fcc Protects Your Internet Traffic
  102. Advanced Can Injection Techniques for Vehicle Networks
  103. what's the DFIRence for ICS?
  104. Samsung Pay: Tokenized Numbers Flaws and Issues
  105. Breaking Hardware-Enforced Security With Hypervisors
  106. Behind the Scenes of iOS Security
  107. HTTP Cookie Hijacking in the Wild: Security and Privacy Implications
  108. Ouroboros: Tearing Xen Hypervisor With the Snake
  109. Dptrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes
  110. TCP Injection Attacks in the Wild — a Large Scale Study
  111. The Art of Reverse Engineering Flash Exploits
  112. Timing Attacks Have Never Been So Practical: Advanced Cross-Site Search Attacks
  113. Using An Expanded Cyber Kill Chain Model to Increase Attack Resiliency
  114. When Governments Attack: State Sponsored Virus Attacks Against Activists Lawyers and Journalists
  115. An Ai Approach to Malware Similarity Analysis: Mapping the Malware Genome With a Deep Neural Network
  116. User Attitudes Toward Security and Usability Tradeoffs for Key-Directory Encryption Systems
  117. Attacking SDN Infrastructure: Are We Ready for the Next-Gen Networking?
  118. Trust Building & Enabling Innovation for Voice Enabled IoT
  119. The Beast Within — Evading Dynamic Malware Analysis Using Microsoft.com
  120. Handling Technical Assistance Demands From Law Enforcement


Articles "based on" the talks, in Russian



You found a flash drive. Should you use it?
Does Dropping Usb Drives in Parking Lots and Other Places Really Work?
slides
video


A researcher found a loophole in the Samsung Pay payment system, but Samsung denies everything
Samsung Pay: Tokenized Numbers, Flaws and Issues
slides
video

Source: Habrahabr
