Optimistic Dissatisfaction with the Status Quo: Steps We Must Take to Improve Security in Complex Landscapes
Holding on for Tonight: Addiction in InfoSec
Dissecting Non-Malicious Artifacts: One IP at a Time
Edge Side Include Injection: Abusing Caching Servers into SSRF and Transparent Session Hijacking
Measuring the Speed of the Red Queen's Race; Adaption and Evasion in Malware
Exposing the Bait: A Qualitative Look at the Impact of Autonomous Peer Communication to Enhance Organizational Phishing Detection
Detecting Credential Compromise in AWS
Software Attacks on Hardware Wallets
Finding Xori: Malware Analysis Triage with Automated Disassembly
How I Learned to Stop Worrying and Love the SBOM
Stress and Hacking: Understanding Cognitive Stress in Tactical Cyber Ops
New Trends in Browser Exploitation: Attacking Client-Side JIT Compilers
KeenLab iOS Jailbreak Internals: Userland Read-Only Memory can be Dangerous
Miasm: Reverse Engineering Framework
From Bot to Robot: How Abilities and Law Change with Physicality
A Dive in to Hyper-V Architecture & Vulnerabilities
Deep Neural Networks for Hackers: Methods Applications and Open Source Tools
Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of Industrial Control Systems Forever
Legal Landmines: How Law and Policy are Rapidly Shaping Information Security
There will be Glitches: Extracting and Analyzing Automotive Firmware Efficiently
No Royal Road … Notes on Dangerous Game
Compression Oracle Attacks on VPN Networks
Reversing a Japanese Wireless SD Card - From Zero to Code Execution
Remotely Attacking System Firmware
Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers
Deep Dive into an ICS Firewall Looking for the Fire Hole
Too Soft\[ware Defined\] Networks: SD-WAN Vulnerability Assessment
Threat Modeling in 2018: Attacks Impacts and Other Updates
Mental Health Hacks: Fighting Burnout Depression and Suicide in the Hacker Community
Don't @ Me: Hunting Twitter Bots at Scale
WireGuard: Next Generation Secure Network Tunnel
Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology
Meltdown: Basics Details Consequences
From Workstation to Domain Admin: Why Secure Administration isn't Secure and How to Fix it
Every ROSE has its Thorn: The Dark Art of Remote Online Social Engineering
The Unbearable Lightness of BMC's
Open Sesame: Picking Locks with Cortana
LTE Network Automation Under Threat
Why so Spurious? How a Highly Error-Prone x86/x64 CPU Feature can be Abused to Achieve Local Privilege Escalation on Many Operating Systems
A Brief History of Mitigation: The Path to EL1 in iOS 11
Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!
Behind the Speculative Curtain: The True Story of Fighting Meltdown and Spectre
Breaking the IIoT: Hacking industrial Control Gateways
ZEROing Trust: Do Zero Trust Approaches Deliver Real Security?
Squeezing a Key through a Carry Bit
InfoSec Philosophies for the Corrupt Economy
A Tangled Curl: Attacks on the Curl-P Hash Function Leading to Signature Forgeries in the IOTA Signature Scheme
AFL's Blindspot and How to Resist AFL Fuzzing for Arbitrary ELF Binaries
I for One Welcome Our New Power Analysis Overlords
Back to the Future: A Radical Insecure Design of KVM on ARM
The Air-Gap Jumpers
Is the Mafia Taking Over Cybercrime?
Beating the Blockchain by Mapping Out Decentralized Namecoin and Emercoin Infrastructure
How can Communities Move Forward After Incidents of Sexual Harassment or Assault?