
Best Talks of Black Hat USA 2016

Black Hat USA 2016 is a conference that brings together the best minds in security (hackers and CIA types) to determine what kind of future we will live in. What happens in Vegas stays in Vegas. Still, video recordings of 120 talks have made their way to us.


I did a bit of legwork and picked a personal top-18 list of the most interesting talks, which might be worth translating into Russian and publishing on Habr.

Social engineering, DDoS, the linguistic features of phone scammers, insurance in information security, Dragons&Dungeons for cybersecurity, side-channel attacks, a lot of (black) humor, drones.
Suggest your own picks for the most interesting talk; maybe I missed something.





DARKreading's list: 10 Hottest Talks at Black Hat USA 2016
  • Advanced CAN Injection Techniques for Vehicle Networks
  • Breaking FIDO: Are Exploits In There?
  • Design Approaches for Security Automation
  • Timing Attacks Have Never Been So Practical: Advanced Cross-Site Search Attacks
  • Windows 10 Mitigation Improvements
  • The Linux Kernel Hidden Inside Windows 10
  • 1000 Ways to Die in Mobile OAuth
  • GATTacking Bluetooth Smart Devices—Introducing a New BLE Proxy Tool
  • Into The Core—An In-Depth Exploration of the Windows 10 IoT Core
  • A Lightbulb Worm?


How to Make People Click on a Dangerous Link Despite Their Security Awareness





slides

video



Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud




slides PDF
video



Drone Attacks on Industrial Wireless: A New Front in Cyber Security




slides

video



Using Undocumented CPU Behavior to See Into Kernel Mode and Break Kaslr in the Process




slides

video



Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools




slides

video



1000 Ways to Die in Mobile Oauth




slides

video



An Insider's Guide to Cyber-Insurance and Security Guarantees



slides

video



Investigating DDOS — Architecture Actors and Attribution




video



Language Properties of Phone Scammers: Cyberdefense At the Level of the Human




slides

video



The Tao of Hardware the Te of Implants




slides

video



Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter




slides

video



Cyber War in Perspective: Analysis From the Crisis in Ukraine




slides

video



Security Through Design — Making Security Better By Designing for People




slides

video



Side-Channel Attacks on Everyday Applications




slides

video



Dungeons Dragons and Security




slides

video



VoIP Wars: the Phreakers Awaken




slides

video



Defense At Hyperscale: Technologies and Policies for a Defensible Cyberspace




slides

video



Brute-Forcing Lockdown Harddrive Pin Codes




slides
video



List of all talks



The playlist is here: Black Hat USA 2016 PlayList
  1. Why This Internet Worked How We Could Lose It and the Role Hackers Play
  2. A Journey From JNDI/LDAP Manipulation to Remote Code Execution Dream Land
  3. The Art of Defense — How Vulnerabilities Help Shape Security Features and Mitigations in Android
  4. Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud
  5. Applied Machine Learning for Data Exfil and Other Fun Topics
  6. Canspy: A Platform for Auditing Can Devices
  7. Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization
  8. Over the Edge: Silently Owning Windows 10's Secure Browser
  9. How to Make People Click on a Dangerous Link Despite Their Security Awareness
  10. Certificate Bypass: Hiding and Executing Malware From a Digitally Signed Executable
  11. Pay No Attention to That Hacker Behind the Curtain: A Look Inside the Black Hat Network
  12. Drone Attacks on Industrial Wireless: A New Front in Cyber Security
  13. Hackproofing Oracle Ebusiness Suite
  14. Using Undocumented CPU Behavior to See Into Kernel Mode and Break Kaslr in the Process
  15. Gattacking Bluetooth Smart Devices — Introducing a New BLE Proxy Tool
  16. Measuring Adversary Costs to Exploit Commercial Software
  17. Removing Roadblocks to Diversity
  18. HEIST: HTTP Encrypted Information Can Be Stolen Through TCP-Windows
  19. Memory Forensics Using Virtual Machine Introspection for Cloud Computing
  20. Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools
  21. Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
  22. Towards a Holistic Approach in Building Intelligence to Fight Crimeware
  23. Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root
  24. The Remote Malicious Butler Did It!
  25. Xenpwn: Breaking Paravirtualized Devices
  26. PWNIE
  27. An Open Collaborative Effort to Ameliorate Android N-Day Root Exploits
  28. Understanding HL7 2.X Standards, Pen Testing, and Defending HL7 2.X Messages
  29. 1000 Ways to Die in Mobile Oauth
  30. A Retrospective on the Use of Export Cryptography
  31. Windows 10 Segment Heap Internals
  32. Abusing Bleeding Edge Web Standards for Appsec Glory
  33. AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It
  34. Analysis of the Attack Surface of Windows 10 Virtualization-Based Security
  35. Augmenting Static Analysis Using Pintool: Ablation
  36. An Insider's Guide to Cyber-Insurance and Security Guarantees
  37. Cunning With Cng: Soliciting Secrets From Schannel
  38. Beyond the Mcse: Active Directory for the Security Professional
  39. Does Dropping Usb Drives in Parking Lots and Other Places Really Work?
  40. Demystifying the Secure Enclave Processor
  41. I Came to Drop Bombs: Auditing the Compression Algorithm Weapon Cache
  42. Breaking Payment Points of Interaction (POI)
  43. Into the Core: In-Depth Exploration of Windows 10 IoT Core
  44. Hacking Next-Gen Atms: From Capture to Cashout
  45. Can You Trust Me Now? An Exploration Into the Mobile Threat Landscape
  46. Investigating DDOS — Architecture Actors and Attribution
  47. Intra-Process Memory Protection for Applications on ARM and X86: Leveraging the ELF ABI
  48. Capturing 0Day Exploits With Perfectly Placed Hardware Traps
  49. Next-Generation of Exploit Kit Detection By Building Simulated Obfuscators
  50. HTTP/2 & Quic — Teaching Good Protocols to Do Bad Things
  51. Pwning Your Java Messaging With Deserialization Vulnerabilities
  52. Language Properties of Phone Scammers: Cyberdefense At the Level of the Human
  53. Recover a RSA Private Key From a TLS Session With Perfect Forward Secrecy
  54. The Linux Kernel Hidden Inside Windows 10
  55. O-Checker: Detection of Malicious Documents Through Deviation From File Format Specifications
  56. The Tao of Hardware the Te of Implants
  57. Access Keys Will Kill You Before You Kill the Password
  58. Hell on Earth: From Browser to System Compromise
  59. Discovering and Exploiting Novel Security Vulnerabilities in Apple Zeroconf
  60. BadWPAD
  61. Breaking Kernel Address Space Layout Randomization (Kaslr) With Intel TSX
  62. Airbnbeware: Short Term Rentals Long Term Pwnage
  63. Account Jumping Post Infection Persistency & Lateral Movement in AWS
  64. Captain Hook: Pirating Avs to Bypass Exploit Mitigations
  65. Hardening AWS Environments and Automating Incident Response for AWS Compromises
  66. Crippling HTTPs With Unholy PAC
  67. Horse Pill: A New Type of Linux Rootkit
  68. Design Approaches for Security Automation
  69. Greatfet: Making Goodfet Great Again
  70. SGX Secure Enclaves in Practice: Security and Crypto Review
  71. Using EMET to Disable EMET
  72. Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter
  73. Viral Video — Exploiting Ssrf in Video Converters
  74. AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion
  75. Windows 10 Mitigation Improvements
  76. Brute-Forcing Lockdown Harddrive Pin Codes
  77. Building a Product Security Incident Response Team: Learnings From the Hivemind
  78. Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions
  79. Cyber War in Perspective: Analysis From the Crisis in Ukraine
  80. Breaking Fido: Are Exploits in There?
  81. Security Through Design — Making Security Better By Designing for People
  82. Iran's Soft-War for Internet Dominance
  83. Side-Channel Attacks on Everyday Applications
  84. The Risk From Power Lines: How to Sniff the G3 and Prime Data and Detect the Interfere Attack
  85. Unleash the Infection Monkey: A Modern Alternative to Pen-Tests
  86. OSS Security Maturity: Time to Put on Your Big Boy Pants!
  87. Watching Commodity Malware Get Sold to a Targeted Actor
  88. PanGu 9 Internals
  89. A Lightbulb Worm?
  90. BadTunnel: How Do I Get Big Brother Power?
  91. PLC-Blaster: A Worm Living Solely in the PLC
  92. A Risk-Based Approach for Defining User Training and Awarding Administrative Privileges
  93. Dungeons Dragons and Security
  94. The Year in Flash
  95. Dark Side of the DNS Force
  96. VoIP Wars: the Phreakers Awaken
  97. Keystone Engine: Next Generation Assembler Framework
  98. Pindemonium: A DBI-Based Generic Unpacker for Windows Executable
  99. Web Application Firewalls: Analysis of Detection Logic
  100. Defense At Hyperscale: Technologies and Policies for a Defensible Cyberspace
  101. Crumbling the Supercookie and Other Ways the Fcc Protects Your Internet Traffic
  102. Advanced Can Injection Techniques for Vehicle Networks
  103. What's the DFIRence for ICS?
  104. Samsung Pay: Tokenized Numbers Flaws and Issues
  105. Breaking Hardware-Enforced Security With Hypervisors
  106. Behind the Scenes of iOS Security
  107. HTTP Cookie Hijacking in the Wild: Security and Privacy Implications
  108. Ouroboros: Tearing Xen Hypervisor With the Snake
  109. Dptrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes
  110. TCP Injection Attacks in the Wild — a Large Scale Study
  111. The Art of Reverse Engineering Flash Exploits
  112. Timing Attacks Have Never Been So Practical: Advanced Cross-Site Search Attacks
  113. Using An Expanded Cyber Kill Chain Model to Increase Attack Resiliency
  114. When Governments Attack: State Sponsored Malware Attacks Against Activists Lawyers and Journalists
  115. An Ai Approach to Malware Similarity Analysis: Mapping the Malware Genome With a Deep Neural Network
  116. User Attitudes Toward Security and Usability Tradeoffs for Key-Directory Encryption Systems
  117. Attacking SDN Infrastructure: Are We Ready for the Next-Gen Networking?
  118. Building Trust & Enabling Innovation for Voice Enabled IoT
  119. The Beast Within — Evading Dynamic Malware Analysis Using Microsoft.com
  120. Handling Technical Assistance Demands From Law Enforcement


Articles in Russian based on the talks



You found a USB flash drive. Should you use it?
Does Dropping Usb Drives in Parking Lots and Other Places Really Work?
slides
video



A researcher found holes in the Samsung Pay payment system, but Samsung denies everything
Samsung Pay: Tokenized Numbers, Flaws and Issues
slides
video
