Stepping Up Our Game: Re-focusing the Security Community on Defense and Making Security Work for Everyone
Web Cache Deception Attack
Adventures in Attacking Wind Farm Control Networks
Wire Me Through Machine Learning
Orange is the New Purple - How and Why to Integrate Development Teams with Red/Blue Teams to Build More Secure Software
PEIMA: Harnessing Power Laws to Detect Malicious Activities from Denial of Service to Intrusion Detection Traffic Analysis and Beyond
Breaking Electronic Door Locks Like You're on CSI: Cyber
Ichthyology: Phishing as a Science
All Your SMS & Contacts Belong to ADUPS & Others
They're Coming for Your Tools: Exploiting Design Flaws for Active Intrusion Prevention
FlowFuzz - A Framework for Fuzzing OpenFlow-Enabled Software and Hardware Switches
Industroyer/Crashoverride: Zero Things Cool About a Threat Group Targeting the Power Grid
Real Humans Simulated Attacks: Usability Testing with Attack Scenarios
Many Birds One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
Taking DMA Attacks to the Next Level: How to do Arbitrary Memory Reads/Writes in a Live and Unmodified System Using a Rogue Memory Controller
Splunking Dark Tools - A Pentesters Guide to Pwnage Visualization
New Adventures in Spying 3G and 4G Users: Locate Track & Monitor
When IoT Attacks: Understanding the Safety Risks Associated with Connected Devices
The Avalanche Takedown: Landslide for Law Enforcement
Hacking Serverless Runtimes: Profiling AWS Lambda Azure Functions and More
Taking Windows 10 Kernel Exploitation to the Next Level – Leveraging Write-What-Where Vulnerabilities in Creators Update
SS7 Attacker Heaven Turns into Riot: How to Make Nation-State and Intelligence Attackers' Lives Much Harder on Mobile Networks
Challenges of Cooperation Across Cyberspace
Delivering Javascript to World+Dog
Hacking Hardware with a \$10 SD Card Reader
The Active Directory Botnet
Network Automation is Not Your Safe Haven: Protocol Analysis and Vulnerabilities of Autonomic Network
How We Created the First SHA-1 Collision and What it Means for Hash Security
Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking
Automated Testing of Crypto Software Using Differential Fuzzing
Fractured Backbone: Breaking Modern OS Defenses with Firmware Attacks
ShieldFS: The Last Word in Ransomware Resilient File Systems
So You Want to Market Your Security Product...
The Art of Securing 100 Products
Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game
An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
What's on the Wireless? Automating RF Signal Identification
Go Nuclear: Breaking Radiation Monitoring Devices
Fighting the Previous War (aka: Attacking and Defending in the Era of the Cloud)
Developing Trust and Gitting Betrayed
Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev
WSUSpendu: How to Hang WSUS Clients
White Hat Privilege: The Legal Landscape for a Cybersecurity Professional Seeking to Safeguard Sensitive Client Data
Cracking the Lens: Targeting HTTP's Hidden Attack-Surface
What They're Teaching Kids These Days: Comparing Security Curricula and Accreditations to Industry Needs
Evilsploit – A Universal Hardware Hacking Toolkit
Protecting Visual Assets: Digital Image Counter-Forensics
Intercepting iCloud Keychain
Offensive Malware Analysis: Dissecting OSX/FruitFly via a Custom C&C Server
Fighting Targeted Malware in the Mobile Ecosystem
(in)Security in Building Automation: How to Create Dark Buildings with Light Speed
Tracking Ransomware End to End
Protecting Pentests: Recommendations for Performing More Secure Tests
Zero Days Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
Garbage In Garbage Out: How Purportedly Great Machine Learning Models can be Screwed Up by Bad Data
Pwnie Awards