2010-07-28

08:50

• Welcome & Introduction to Black Hat USA 2010

09:00

• Keynote

10:00

• Payload Already Inside: Data Re-Use for ROP exploits

• Attacking Kerberos Deployments

• The Emperor Has No Clothes: Insecurities in Security Infrastructure

• ExploitSpotting: Locating Vulnerabilities Out Of Vendor Patches Automatically

• Base Jumping: Attacking GSM Base Station Systems and Mobile Phone Base Bands

• Optimizing the Security Researcher and CSO Relationship

• Drivesploit: Circumventing both automated AND manual drive-by-download detection

• Malware Freak Show 2010: The Client-Side Boogaloo

• WPA Migration Mode: WEP is back to haunt you…

• Industrial Bug Mining - Extracting, Grading and Enriching the Ore of Exploits

• Cloud Security Alliance Summit

11:15

• Aleatory Persistent Threat

• Understanding the Windows SMB NTLM Weak Nonce Vulnerability

• Electricity for Free? The Dirty Underbelly of SCADA and Smart Meters

• Crash Analysis using BitBlaze

• More Bugs In More Places: Secure Development On Moble Platforms

• Systemic DNS Vulnerabilities and Risk Management: A Discussion With the Experts

• Balancing the Pwn Trade Deficit

• Malware Attribution: Tracking Cyber Spies and Digital Criminals

• Extreme-range RFID tracking

• Virtual Forensics

13:45

• Hacking Java Clients

• Adventures in Limited User Post Exploitation

• SCADA and ICS for Security Experts: How to avoid Cyberdouchery

• Jackpotting Automated Teller Machines Redux

• These Aren't the Permissions You're Looking For

• Cyber war...Are we at war? And if we are, how should we fight it?

• One on One Interview with General (Ret.) Michael V. Hayden

• Social Networking Special Ops: Extending Data Visualization Tools for faster Pwnage

• mod_antimalware: A Novel Apache Module for Containing web-based Malware Infections

• Burning Asgard - What happens when Loki breaks free

• Network Stream Debugging with Mallory

15:15

• Harder, Better, Faster, Stronger: Semi-Auto Vulnerability Research

• Standing on the Shoulders of the Blue Monster: Hardening Windows Applications

• Black Ops Of Fundamental Defense: Web Edition

• Blue Screen Of the Death is Dead.

• Everybody be cool this is a roppery!

• Security Innovation Network: Connecting Buyers, Builders, and the Research Community

• Finger Pointing for Fun, Profit and War?

• BlindElephant: WebApp Fingerprinting and Vulnerability Inferencing

• Exploiting Timing Attacks in Widespread Systems

• JavaSnoop: How to Hack Anything Written in Java

• Hacker Court

16:45

• SAP Backdoors: A Ghost at the Heart of Your Business

• Ushering in the Post-GRC World: Applied Threat Modeling

• Wardriving the Smart Grid: Practical Approaches to Attacking Utility Packet Radios

• App Attack: Surviving the Mobile Application Explosion

• Reception: Security Innovation Network

• Getting In Bed With Robin Sage

• Mastering the Nmap Scripting Engine

• PSUDP: A Passive Approach to Network-Wide Covert Communication

• Exploiting the Forest with Trees