09:00 | Zovi | Every Security Team is a Software Team Now |
10:30 | Murray | Legal GNSS Spoofing and its Effects on Autonomous Vehicles |
| Chen, Ma, Ma | Biometric Authentication Under Threat: Liveness Detection Hacking |
| Gong, Pi | Bypassing the Maginot Line: Remotely Exploit the Hardware Decoder on Smartphone |
| Chau | A Decade After Bleichenbacher '06, RSA Signature Forgery Still Works |
| Comerford, Saunders, Williams | Detecting Deep Fakes with Mice |
| Burke | ClickOnce and You're in - When Appref-ms Abuse is Operating as Intended |
| Mirosh, Munoz | SSO Wars: The Token Menace |
| Wu | Battle of Windows Service: A Silver Bullet to Discover File Privilege Escalation Bugs Automatically |
| Fisher, Valenta | Monsters in the Middleboxes: Building Tools for Detecting HTTPS Interception |
11:15 | Blaxill, Sandin | PicoDMA: DMA Attacks at Your Fingertips |
| Feng, Liu | The Most Secure Browser? Pwning Chrome from 2016 to 2019 |
| Jablonski, Wijesekera | Attacking Electric Motors for Fun and Profit |
| Block, Matula | APIC's Adventures in Wonderland |
| Vanhoef | Dragonblood: Attacking the Dragonfly Handshake of WPA3 |
| Bialek | Exploiting the Hyper-V IDE Emulator to Escape the Virtual Machine |
| Metcalf, Morowczynski | Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD) |
| Bilodeau, Paquet-Clouston | Behind the Scenes: The Industry of Social Media Manipulation Driven by Malware |
| Francois, Galperin, Schneier | Hacking for the Greater Good: Empowering Technologists to Strengthen Digital Society |
13:30 | Chuadhry, Ochoa | Sensor and Process Fingerprinting in Industrial Control Systems |
| Hasarfaty, Moyal | Behind the Scenes of Intel Security and Manageability Engine |
| Kettle | HTTP Desync Attacks: Smashing into the Cell Next Door |
| Sedova, Sengirbay | It's Not What You Know, It's What You Do: How Data Can Shape Security Engagement |
| Wixey | I'm Unique, Just Like You: Human Side-Channels and Their Implications for Security and Privacy |
| Coldwater, Cooley | The Path Less Traveled: Abusing Kubernetes Defaults |
| Smith | Cyber Insurance 101 for CISO’s |
| Borgaonkar, Shaik | New Vulnerabilities in 5G Networks |
| Shwartz | Selling 0-Days to Governments and Offensive Security Companies |
| Gao, Huang, Xie, Ye | All the 4G Modules Could be Hacked |
14:40 | Amini | Worm Charming: Harvesting Malware Lures for Fun and Profit |
| Chang, Tsai | Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs |
| Datko, Roth | Chip.Fail - Glitching the Silicon of the Connected World |
| Aumasson | Lessons From Two Years of Crypto Audits |
| Silvanovich | Look, No Hands! -- The Remote, Interaction-less Attack Surface of the iPhone |
| Mulliner | Come Join the CAFSA - Continuous Automated Firmware Security Analysis |
| Kouns | Integration of Cyber Insurance Into A Risk Management Program |
| Kovar, Nickels | MITRE ATT&CK: The Play at Home Edition |
| Hypponen | Responding to a Cyber Attack with Missiles |
| Simakov, Zinar | Finding a Needle in an Encrypted Haystack: Leveraging Cryptographic Abilities to Detect the Most Prevalent Attacks on Active Directory |
16:00 | Beurdouche, Cohn-Gordon, Robert | Messaging Layer Security: Towards a New Era of Secure Group Messaging |
| Klimburg | The Cyber Shell Game – War, Information Warfare, and the Darkening Web |
| Dykstra, Stone | Hacking Your Non-Compete |
| Landers | Flying a False Flag: Advanced C2, Trust Conflicts, and Domain Takeover |
| Santamarta | Arm IDA and Cross Check: Reversing the Boeing 787's Core Network |
| Riancho | Internet-Scale Analysis of AWS Cognito Security |
| Prevost | How Do Cyber Insurers View The World? |
| Forsgren, Shortridge | Controlled Chaos: The Inevitable Marriage of DevOps & Security |
| Baril, Itkin | He Said, She Said – Poisoned RDP Offense and Defense |
| Joly | Hunting for Bugs, Catching Dragons |
17:05 | Friedman | Transparency in the Software Supply Chain: Making SBOM a Reality |
| Vanunu, Zaikin | Reverse Engineering WhatsApp Encryption for Chat Manipulation and More |
| Bernal | Detecting Malicious Files with YARA Rules as They Traverse the Network |
| Song | PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary |
| Metzman | Going Beyond Coverage-Guided Fuzzing with Structured Fuzzing |
| O'Flynn | MINimum Failure - Stealing Bitcoins with Electromagnetic Fault Injection |
| Heffner, Johnson, Vessels | Cybersecurity Risk Assessment for Safety-Critical Systems |
| Bursztein, Oliveira | Deconstructing the Phishing Campaigns that Target Gmail Users |
| Fedorov, Tyagi | Defense Against Rapidly Morphing DDOS |
09:00 | Wilkin | Testing Your Organization's Social Media Awareness |
| Pavur | GDPArrrrr: Using Privacy Laws to Steal Identities |
| Lynch | Woke Hiring Won't Save Us: An Actionable Approach to Diversity Hiring and Retention |
| Carcano, Dragoni, Pinto | The Future of Securing Intelligent Electronic Devices Using the IEC 62351-7 Standard for Monitoring |
| Farshchi | On Trust: Stories from the Front Lines |
| Teissier | Mobile Interconnect Threats: How Next-Gen Products May be Already Outdated |
| Westelius | Attack Surface as a Service |
| Soman | Death to the IOC: What's Next in Threat Intelligence |
| Brand | WebAuthn 101 - Demystifying WebAuthn |
09:45 | Healey, Jenkins | Rough and Ready: Frameworks to Measure Persistent Engagement and Deterrence |
| Doerr | The Enemy Within: Modern Supply Chain Attacks |
| Cui, Housley, Kataria | 100 Seconds of Solitude: Defeating Cisco Trust Anchor With FPGA Bitstream Shenanigans |
| Hauke, Renardy | Denial of Service with a Fistful of Packets: Exploiting Algorithmic Complexity Vulnerabilities |
| Gazet, Matrosov | Breaking Through Another Side: Bypassing Firmware Security Boundaries from Embedded Controller |
| Price, Price | Playing Offense and Defense with Deepfakes |
| Ruddermann | Planning a Bug Bounty: The Nuts and Bolts from Concept to Launch |
| Bai, Zheng | All Your Apple are Belong to Us: Unique Identification and Cross-Device Tracking of Apple Devices |
| Schneier | Information Security in the Public Interest |
| Hawkes | Project Zero: Five Years of "Make 0Day Hard" |
11:00 | Biham, Bitan, Malin, Wool | Rogue7: Rogue Engineering-Station Attacks on S7 Simatic PLCs |
| Maddux | API-Induced SSRF: How Apple Pay Scattered Vulnerabilities Across the Web |
| Conti, Fanelli | Operational Templates for State-Level Attack and Collective Defense of Countries |
| Lacharite | Breaking Encrypted Databases: Generic Attacks on Range Queries |
| Kang, Nakajima, Yen | Women in Security: Building a Female InfoSec Community in Korea, Japan, and Taiwan |
| Caswell, Goldstein, Jay, Sabens, Stanley | Bounty Operations: Best Practices and Common Pitfalls to Avoid in the First 6-12 Months |
| Shrivastava | DevSecOps : What, Why and How |
| Robbins, Schroeder, Vazarkar | Finding Our Path: How We're Trying to Improve Active Directory Security |
| Klein, Kotler | Process Injection Techniques - Gotta Catch Them All |
12:10 | Snezhkov | Zombie Ant Farming: Practical Tips for Playing Hide and Seek with Linux EDRs |
| Delikat, Knighton | Ghidra - Journey from Classified NSA Tool to Open Source |
| Almubayed | Practical Approach to Automate the Discovery and Eradication of Open-Source Software Vulnerabilities at Scale |
| Blazakis, Keltner | Firmware Cartography: Charting the Course for Modern Server Compromise |
| Gong, Pi | Exploiting Qualcomm WLAN and Modem Over The Air |
| Zenz | Infighting Among Russian Security Services in the Cyber Sphere |
| Brown | Managing for Success: Maintaining a Healthy Bug Bounty Program Long Term |
| Krstić | Behind the scenes of iOS and Mac Security |
| Cai, Gruffke, Schweppe, Wang, Zhang | 0-days & Mitigations: Roadways to Exploit and Secure Connected BMW Cars |
| Jacobs, Roytman | Predictive Vulnerability Scoring System |
14:30 | Huang, Wang | Towards Discovering Remote Code Execution Vulnerabilities in Apple FaceTime |
| Chan, Jaiswal, Zhang | Preventing Authentication Bypass: A Tale of Two Researchers |
| Benfey, Menn, Rioux, Zatko | Making Big Things Better the Dead Cow Way |
| Davidov, Erickson | Inside the Apple T2 |
| Stone | Securing the System: A Deep Dive into Reversing Android Pre-Installed Apps |
| Rolles | Automation Techniques in C++ Reverse Engineering |
| Berta | Backdooring Hardware Devices by Injecting Malicious Payloads on Microcontrollers |
| Smith, Wolf | Fantastic Red-Team Attacks and How to Find Them |
| Seri, Zusman | Critical Zero Days Remotely Compromise the Most Popular Real-Time OS |
15:50 | Birch | HostSplit: Exploitable Antipatterns in Unicode Normalization |
| Bédrune, Campana | Everybody be Cool, This is a Robbery! |
| Franceschi-Bicchierai | The Discovery of a Government Malware and an Unexpected Spy Scandal |
| Martin | The Future of ATO |
| Howes, Wozniak | Securing Apps in the Open-By-Default Cloud |
| Januszkiewicz | Adventures in the Underland: The CQForensic Toolkit as a Unique Weapon Against Hackers |
| Wang, Xu | Attacking iPhone XS Max |
| Edwards, Freeman | A Compendium of Container Escapes |
| Breuer, Perlman | Hacking Ten Million Useful Idiots: Online Propaganda as a Socio-Technical Security Project |
17:00 | Li, Wu | Debug for Bug: Crack and Hack Apple Core by Itself - Fun and Profit to Debug and Fuzz Apple Kernel by lldb Script |
| Jerkeby | Command Injection in F5 iRules |
| ., Huebler | Moving from Hacking IoT Gadgets to Breaking into One of Europe's Highest Hotel Suites |
| Heisler, Stanislav | Shifting Knowledge Left: Keeping up with Modern Application Security |
| Li, Qian, Wu | Exploring the New World : Remote Exploitation of SQLite and Curl |
| Andonov, Sardar | Paging All Windows Geeks – Finding Evil in Windows 10 Compressed Memory |
| Hölzel, Lovink | How to Detect that Your Domains are Being Abused for Phishing by Using DNS |
| Stump, Wyler | Lessons and Lulz: The 5th Annual Black Hat USA NOC Report |
| Adamski, Guilbon, Peterlin | Breaking Samsung's ARM TrustZone |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.