2012-07-25

00:00

• MY ARDUINO CAN BEAT UP YOUR HOTEL ROOM LOCK

08:50

• Welcome & Introduction to Black Hat USA 2012

09:00

• CHANGING THE SECURITY PARADIGM....TAKING BACK YOUR NETWORK AND BRINGING PAIN TO THE ADVERSARY

10:15

• SMASHING THE FUTURE FOR FUN AND PROFIT

• ADVANCED ARM EXPLOITATION

• A STITCH IN TIME SAVES NINE: A CASE OF MULTIPLE OPERATING SYSTEM VULNERABILITY

• SEXYDEFENSE - MAXIMIZING THE HOME-FIELD ADVANTAGE

• FILE DISINFECTION FRAMEWORK: STRIKING BACK AT POLYMORPHIC VIRUSES

• <GHZ OR BUST: BLACKHAT

• ADVANCED CHROME EXTENSION EXPLOITATION - LEVERAGING API POWERS FOR THE BETTER EVIL

11:45

• BLACK OPS

• GOOGLE NATIVE CLIENT - ANALYSIS OF A SECURE BROWSER PLUGIN SANDBOX

• HOW THE ANALYSIS OF ELECTRICAL CURRENT CONSUMPTION OF EMBEDDED SYSTEMS COULD LEAD TO CODE REVERSING?

• SCALING UP BASEBAND ATTACKS: MORE (UNEXPECTED) ATTACK SURFACE

• THE DEFENSE RESTS: AUTOMATION AND APIS FOR IMPROVING SECURITY

• EXPLOITING THE JEMALLOC MEMORY ALLOCATOR: OWNING FIREFOX'S HEAP

• CONFESSIONS OF A WAF DEVELOPER: PROTOCOL-LEVEL EVASION OF WEB APPLICATION FIREWALLS

14:15

• CUTECATS.EXE AND THE ARAB SPRING

• MODSECURITY AS UNIVERSAL CROSS-PLATFORM WEB PROTECTION TOOL

• LOOKING INTO THE EYE OF THE METER

• DON'T STAND SO CLOSE TO ME: AN ANALYSIS OF THE NFC ATTACK SURFACE

• CONTROL-ALT-HACK(TM): WHITE HAT HACKING FOR FUN AND PROFIT (A COMPUTER SECURITY CARD GAME)

• THE INFO LEAK ERA ON SOFTWARE EXPLOITATION

• TORTURING OPENSSL

• CODE REVIEWING WEB APPLICATION FRAMEWORK BASED APPLICATIONS (STRUTS 2, SPRING MVC, RUBY ON RAILS (GROOVY ON GRAILS), .NET MVC)

• LINUX INTERACTIVE EXPLOIT DEVELOPMENT WITH GDB AND PEDA

14:35

• THE LAST GASP OF THE INDUSTRIAL AIR-GAP...

• HTEXPLOIT BYPASSING HTACCESS RESTRICTIONS

14:55

• STIX: THE STRUCTURED THREAT INFORMATION EXPRESSION

• LIBINJECTION: A C LIBRARY FOR SQLI DETECTION AND GENERATION THROUGH LEXICAL ANALYSIS OF REAL WORLD ATTACKS

15:30

• ERRATA HITS PUBERTY: 13 YEARS OF CHAGRIN

• PRNG: PWNING RANDOM NUMBER GENERATORS (IN PHP APPLICATIONS)

• WINDOWS 8 HEAP INTERNALS

• PROBING MOBILE OPERATOR NETWORKS

• INTRUSION DETECTION ALONG THE KILL CHAIN: WHY YOUR DETECTION SYSTEM SUCKS AND WHAT TO DO ABOUT IT

• ARE YOU MY TYPE? - BREAKING .NET SANDBOXES THROUGH SERIALIZATION

• WEB TRACKING FOR YOU

17:00

• THE MYTH OF TWELVE MORE BYTES: SECURITY ON THE POST-SCARCITY INTERNET

• OWNING BAD GUYS {AND MAFIA} WITH JAVASCRIPT BOTNETS

• GHOST IS IN THE AIR(TRAFFIC)

• ADVENTURES IN BOUNCERLAND

• EXPLOIT MITIGATION IMPROVEMENTS IN WIN 8

• PINPADPWN

• HERE BE BACKDOORS: A JOURNEY INTO THE SECRETS OF INDUSTRIAL FIRMWARE

• FROM THE IRISCODE TO THE IRIS: A NEW VULNERABILITY OF IRIS RECOGNITION SYSTEMS