Stop that Release There's a Vulnerability!
Lessons from Virginia - A Comparative Forensic Analysis of WinVote Voting Machines
The Problems and Promise of WebAssembly
ARTist - A Novel Instrumentation Framework for Reversing and Analyzing Android Apps and the Middleware
Real Eyes Realize Real Lies: Beating Deception Technologies
Two-Factor Authentication Usable or Not? A Two-Phase Usability Study of the FIDO U2F Security Key
Demystifying PTSD in the Cybersecurity Environment
Fire & Ice: Making and Breaking macOS Firewalls
Money-rity Report: Using Intelligence to Predict the Next Payment Card Fraud Victims
Black Box is Dead. Long Live Black Box!
The Science of Hiring and Retaining Female Cybersecurity Engineers
New Norms and Policies in Cyber-Diplomacy
Your Voice is My Passport
Snooping on Cellular Gateways and Their Critical Role in ICS
Identity Theft: Attacks on SSO Systems
Kernel Mode Threats and Practical Defenses
The Windows Notification Facility: Peeling the Onion of the Most Undocumented Kernel Attack Surface Yet
Reconstruct the World from Vanished Shadow: Recovering Deleted VSS Snapshots
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform Capabilities
Decompiler Internals: Microcode
Stealth Mango and the Prevalence of Mobile Surveillanceware
A Deep Dive into macOS MDM (and How it can be Compromised)
Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels
GOD MODE UNLOCKED - Hardware Backdoors in x86 CPUs
AI & ML in Cyber Security - Why Algorithms are Dangerous
Are You Trading Stocks Securely? Exposing Security Flaws in Trading Technologies
Pestilential Protocol: How Unsecure HL7 Messages Threaten Patient Lives
Outsmarting the Smart City
WebAssembly: A New World of Native Exploits on the Browser
Playback: A TLS 1.3 Story
TLBleed: When Protecting Your CPU Caches is Not Enough
Wrangling with the Ghost: An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities
So I became a Domain Controller
Applied Self-Driving Car Security
Protecting the Protector Hardening Machine Learning Defenses Against Adversarial Attacks
None of My Pixel is Your Business: Active Watermarking Cancellation Against Video Streaming Service
Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation for Arbitrary Types of Kernel Vulnerabilities
Automated Discovery of Deserialization Gadget Chains
Another Flip in the Row
Legal Liability for IOT Cybersecurity Vulnerabilities
Catch me Yes we can! – Pwning Social Engineers using Natural Language Processing Techniques in Real-Time
Exploitation of a Modern Smartphone Baseband
Last Call for SATCOM Security
How can Someone with Autism Specifically Enhance the Cyber Security Workforce?
For the Love of Money: Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems
SDL That Won't Break the Bank
Mainframe \[z/OS\] Reverse Engineering and Exploit Development
Hardening Hyper-V through Offensive Security Research
Lowering the Bar: Deep Learning for Side Channel Analysis
IoT Malware: Comprehensive Survey Analysis Framework and Case Studies
Understanding and Exploiting Implanted Medical Devices
Practical Web Cache Poisoning: Redefining 'Unexploitable'
SirenJack: Cracking a 'Secure' Emergency Warning Siren System
The Finest Penetration Testing Framework for Software-Defined Networks
Follow the White Rabbit: Simplifying Fuzz Testing Using FuzzExMachina
Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library
Lessons and Lulz: The 4th Annual Black Hat USA NOC Report
It's a PHP Unserialization Vulnerability Jim but Not as We Know It
An Attacker Looks at Docker: Approaching Multi-Container Applications
DeepLocker - Concealing Targeted Attacks with AI Locksmithing
Over-the-Air: How we Remotely Compromised the Gateway BCM and Autopilot ECUs of Tesla Cars
Return of Bleichenbacher's Oracle Threat (ROBOT)