The Future of ApplePwn - How to Save Your Money
Skype & Type: Keystroke Leakage over VoIP
The Industrial Revolution of Lateral Movement
Influencing the Market to Improve Security
OpenCrypto: Unchaining the JavaCard Ecosystem
The Shadow Brokers – Cyber Fear Game-Changers
Bot vs. Bot for Evading Machine Learning Malware Detection
Escalating Insider Threats Using VMware's API
The Epocholypse 2038: What's in Store for the Next 20 Years
Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
Fad or Future? Getting Past the Bug Bounty Hype
Redesigning PKI to Solve Revocation Expiration and Rotation Problems
rVMI: A New Paradigm for Full System Analysis
Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets
'Ghost Telephonist' Link Hijack Exploitations in 4G LTE CS Fallback
Evading Microsoft ATA for Active Directory Domination
Datacenter Orchestration Security and Insecurity: Assessing Kubernetes Mesos and Docker at Scale
Bug Collisions Meet Government Vulnerability Disclosure
Hunting GPS Jammers
Practical Tips for Defending Web Applications in the Age of DevOps
Breaking the Laws of Robotics: Attacking Industrial Robots
Intel SGX Remote Attestation is Not Sufficient
Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
Why Most Cyber Security Training Fails and What We Can Do About it
Go to Hunt Then Sleep
Don't Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
Exploitation of Kernel Pool Overflow on Microsoft Windows 10 DKOM/DKOHM is Back in DKOOHM! Direct Kernel Optional Object Header Manipulation
Game of Chromes: Owning the Web with Zombie Chrome Extensions
Honey I Shrunk the Attack Surface – Adventures in Android Security Hardening
Quantifying Risk in Consumer Software at Scale - Consumer Reports' Digital Standard
kR\^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
Free-Fall: Hacking Tesla from Wireless to CAN Bus
Attacking Encrypted USB Keys the Hard(ware) Way
Taking Over the World Through MQTT - Aftermath
Evolutionary Kernel Fuzzing
Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
The Origin of Array \[@@species\]: How Standards Drive Bugs in Script Engines
Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
Friday the 13th: JSON Attacks
Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
Exploit Kit Cornucopia
Defeating Samsung KNOX with Zero Privilege
Electronegativity - A Study of Electron Security
WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
Intel AMT Stealth Breakthrough
Blue Pill for Your Phone
Exploiting Network Printers
Lies and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
And Then the Script-Kiddie Said Let There be No Light. Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
Dealing the Perfect Hand - Shuffling Memory Blocks on z/OS
RBN Reloaded - Amplifying Signals from the Underground
Breaking the x86 Instruction Set
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
Betraying the BIOS: Where the Guardians of the BIOS are Failing
The Adventures of AV and the Leaky Sandbox