09:00 |
Kaminsky
|
The Hidden Architecture of our Time: Why This Internet Worked How We Could Lose It and the Role Hackers Play |
10:20 |
Lester,
Zadegan
|
Abusing Bleeding Edge Web Standards for AppSec Glory |
Valtman,
Watson
|
Breaking Payment Points of Interaction (POI) |
|
Ionescu
|
The Linux Kernel Hidden Inside Windows 10 |
|
Metcalf
|
Beyond the MCSE: Active Directory for the Security Professional |
|
Fitch,
Pierce,
Spisak
|
Capturing 0day Exploits with PERFectly Placed Hardware Traps |
|
Pearce,
Vincent
|
HTTP/2 & QUIC - Teaching Good Protocols To Do Bad Things |
|
Thomas
|
Can You Trust Me Now? An Exploration into the Mobile Threat Landscape |
|
Adrian
|
A Retrospective on the Use of Export Cryptography |
|
Mehta
|
Augmenting Static Analysis Using Pintool: Ablation |
|
11:30 |
Litchfield
|
Hackproofing Oracle eBusiness Suite |
Zillner
|
Memory Forensics Using Virtual Machine Introspection for Cloud Computing |
|
Hariri,
Jasiel Spelman,
Molinyawe,
Smith
|
$hell on Earth: From Browser to System Compromise |
|
Chen,
Grassi,
He,
Yubin Fu
|
Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root |
|
Mirosh,
Munoz
|
A Journey from JNDI/LDAP Manipulation to Remote Code Execution Dream Land |
|
Benenson
|
Exploiting Curiosity and Context: How to Make People Click on a Dangerous Link Despite Their Security Awareness |
|
Wallace,
Wolff,
Zhao
|
Applied Machine Learning for Data Exfil and Other Fun Topics |
|
.,
Zatko
|
Measuring Adversary Costs to Exploit Commercial Software: The Government-Bootstrapped Non-Profit C.I.T.L. |
|
Böck,
Devlin,
Philipp Jovanovic,
Zauner
|
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS |
|
13:50 |
Melrose
|
Drone Attacks on Industrial Wireless: A New Front in Cyber Security |
Mahjoub,
Mathew,
Sakaly
|
Towards a Holistic Approach in Building Intelligence to Fight Crimeware |
|
McGrew
|
Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools |
|
Wilhelm
|
Xenpwn: Breaking Paravirtualized Devices |
|
Wei,
Zhang
|
Adaptive Kernel Live Patching: An Open Collaborative Effort to Ameliorate Android N-Day Root Exploits |
|
Goethem,
Mathy Vanhoef
|
HEIST: HTTP Encrypted Information can be Stolen Through TCP-Windows |
|
Demay,
Lebrun
|
CANSPY: A Platform for Auditing CAN Devices |
|
Jasek
|
GATTacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool |
|
Nipravsky
|
Certificate Bypass: Hiding and Executing Malware from a Digitally Signed Executable |
|
15:00 |
Grossman
|
An Insider's Guide to Cyber-Insurance and Security Guarantees |
Kaiser
|
Pwning Your Java Messaging with Deserialization Vulnerabilities |
|
Bursztein
|
Does Dropping USB Drives in Parking Lots and Other Places Really Work? |
|
Mittal
|
AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It |
|
Bangert,
Bratus,
Koo
|
Intra-Process Memory Protection for Applications on ARM and x86: Leveraging the ELF ABI |
|
Chen,
Chen,
Kotcher,
Tague,
Tian,
Yutong Pei
|
1000 Ways to Die in Mobile OAuth |
|
Ortisi
|
Recover a RSA Private Key from a TLS Session with Perfect Forward Secrecy |
|
Marie
|
I Came to Drop Bombs: Auditing the Compression Algorithm Weapon Cache |
|
Sabanal
|
Into The Core - In-Depth Exploration of Windows 10 IoT Core |
|
16:20 |
Uhley
|
Design Approaches for Security Automation |
Klein,
Kotler
|
Crippling HTTPS with Unholy PAC |
|
Simon
|
Access Keys Will Kill You Before You Kill the Password |
|
Amiga,
Knafo
|
Account Jumping Post Infection Persistency & Lateral Movement in AWS |
|
Bitton,
Yavo
|
Captain Hook: Pirating AVs to Bypass Exploit Mitigations |
|
Alsaheel,
Raghav Pande
|
Using EMET to Disable EMET |
|
Ermishkin,
Maxim Andreev
|
Viral Video - Exploiting SSRF in Video Converters |
|
Ossmann
|
GreatFET: Making GoodFET Great Again |
|
Jang,
Kim,
Lee
|
Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX |
|
17:30 |
Barak
|
Watching Commodity Malware Get Sold to a Targeted Actor |
Price
|
Building a Product Security Incident Response Team: Learnings from the Hivemind |
|
Ziv
|
Unleash the Infection Monkey: A Modern Alternative to Pen-Tests |
|
Niemantsverdriet
|
Security Through Design - Making Security Better by Designing for People |
|
O'Flynn
|
Brute-Forcing Lockdown Harddrive PIN Codes |
|
Geers
|
Cyber War in Perspective: Analysis from the Crisis in Ukraine |
|
Hornby
|
Side-Channel Attacks on Everyday Applications |
|
Bulazel
|
AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion |
|
Ji,
Jian
|
The Risk from Power Lines: How to Sniff the G3 and Prime Data and Detect the Interfere Attack |
09:00 |
Fang
|
CANCELLED - How to Build the Immune System for the Internet |
Wu
|
Dark Side of the DNS Force |
|
O'Flynn
|
A Lightbulb Worm? |
|
Yu
|
BadTunnel: How Do I Get Big Brother Power? |
|
Latapie
|
Dungeons Dragons and Security |
|
Lorenzo Fontana,
Mariani
|
PINdemonium: A DBI-Based Generic Unpacker for Windows Executable |
|
Mendoza
|
Samsung Pay: Tokenized Numbers Flaws and Issues |
|
Vishwanath
|
Blunting the Phisher's Spear: A Risk-Based Approach for Defining User Training and Awarding Administrative Privileges |
|
Josh Triplett,
Sistrunk
|
What's the DFIRence for ICS? |
|
Quynh
|
Keystone Engine: Next Generation Assembler Framework |
|
09:45 |
Be'ery,
Hoch
|
The Remote Malicious Butler Did It! |
Luan
|
Ouroboros: Tearing Xen Hypervisor with the Snake |
|
Nakibly
|
TCP Injection Attacks in the Wild - A Large Scale Study |
|
Chris Valasek,
Miller
|
Advanced CAN Injection Techniques for Vehicle Networks |
|
Duggal
|
Understanding HL7 2.x Standards Pen Testing and Defending HL7 2.x Messages |
|
Kralevich
|
The Art of Defense - How Vulnerabilities Help Shape Security Features and Mitigations in Android |
|
Yason
|
Windows 10 Segment Heap Internals |
|
Healey
|
Defense at Hyperscale: Technologies and Policies for a Defensible Cyberspace |
|
Jason Polakis,
Sivakorn
|
HTTP Cookie Hijacking in the Wild: Security and Privacy Implications |
|
11:00 |
Mandt,
Solnik
|
Demystifying the Secure Enclave Processor |
Jin,
Luo
|
Next-Generation of Exploit Kit Detection by Building Simulated Obfuscators |
|
Andre Correa,
Peterson
|
Investigating DDOS - Architecture Actors and Attribution |
|
Wojtczuk
|
Analysis of the Attack Surface of Windows 10 Virtualization-Based Security |
|
Otsubo
|
O-checker: Detection of Malicious Documents Through Deviation from File Format Specifications |
|
Hecker
|
Hacking Next-Gen ATMs: From Capture to Cashout |
|
Tabron
|
Language Properties of Phone Scammers: Cyberdefense at the Level of the Human |
|
FitzPatrick
|
The Tao of Hardware the Te of Implants |
|
Kambic
|
Cunning with CNG: Soliciting Secrets from Schannel |
|
12:10 |
Krug,
McCormack
|
Hardening AWS Environments and Automating Incident Response for AWS Compromises |
Goncharov
|
badWPAD |
|
Granick,
Riana Pfefferkorn
|
When the Cops Come A-Knocking: Handling Technical Assistance Demands from Law Enforcement |
|
Miller,
Weston
|
Windows 10 Mitigation Improvements |
|
Bai,
Xing
|
Discovering and Exploiting Novel Security Vulnerabilities in Apple ZeroConf |
|
Seymour,
Tully
|
Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing on Twitter |
|
Leibowitz
|
Horse Pill: A New Type of Linux Rootkit |
|
Aumasson,
Luis Merino
|
SGX Secure Enclaves in Practice: Security and Crypto Review |
|
Galloway
|
AirBnBeware: Short Term Rentals Long Term Pwnage |
|
14:30 |
Collin Anderson,
Guarnieri
|
Iran's Soft-War for Internet Dominance |
Silvanovich
|
The Year in Flash |
|
Tan
|
Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions |
|
Ozavci
|
VOIP WARS: The Phreakers Awaken |
|
Gadsby,
Kouns
|
OSS Security Maturity: Time to Put On Your Big Boy Pants! |
|
Ivanov
|
Web Application Firewalls: Analysis of Detection Logic |
|
Chen,
Wang,
Xu
|
Pangu 9 Internals |
|
Chong
|
Breaking FIDO: Are Exploits in There? |
|
Hendrik Schwartke,
Maik Brüggemann,
Spenneberg
|
PLC-Blaster: A Worm Living Solely in the PLC |
|
15:50 |
Sharkey
|
Breaking Hardware-Enforced Security with Hypervisors |
Hund
|
The Beast Within - Evading Dynamic Malware Analysis Using Microsoft COM |
|
Galperin,
Quintin
|
When Governments Attack: State Sponsored Malware Attacks Against Activists Lawyers and Journalists |
|
Krstic
|
Behind The Scenes of iOS Security |
|
Oh
|
The Art of Reverse Engineering Flash Exploits |
|
Malone
|
Using an Expanded Cyber Kill Chain Model to Increase Attack Resiliency |
|
Gelernter
|
Timing Attacks Have Never Been So Practical: Advanced Cross-Site Search Attacks |
|
Branco,
Rohit Mothe
|
DPTrace: Dual Purpose Trace for Exploitability Analysis of Program Crashes |
|
Jonathan Mayer,
LeBlanc
|
Crumbling the Supercookie and Other Ways the FCC Protects Your Internet Traffic |
|
17:00 |
Berlin
|
An AI Approach to Malware Similarity Analysis: Mapping the Malware Genome With a Deep Neural Network |
Kelley
|
An Inconvenient Trust: User Attitudes Toward Security and Usability Tradeoffs for Key-Directory Encryption Systems |
|
Stump,
Wyler
|
Pay No Attention to That Hacker Behind the Curtain: A Look Inside the Black Hat Network |
|
Lee,
Yoon
|
Attacking SDN Infrastructure: Are We Ready for the Next-Gen Networking? |
|
Bos,
Bosman,
Giuffrida,
Razavi
|
Over the Edge: Silently Owning Windows 10's Secure Browser |
|
Fogh,
Gruss
|
Using Undocumented CPU Behavior to See into Kernel Mode and Break KASLR in the Process |
|
Marzuoli
|
Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud |
|
Zhang
|
Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization |
|
Terwoerds
|
Building Trust & Enabling Innovation for Voice Enabled IoT |
This "Old School" schedule is an automatically-generated evolution of a manually-generated hack Darth Null has been using at ShmooCon since 2007. It won't work too well for a large conference, like DEFCON, but for smaller events like ShmooCon or BlackHat DC, it might be useful.
Simply print this out at whatever scale is most helpful to you. For example, for ShmooCon: print at 65%, fold Friday and Sunday back behind Saturday, and laminate, for a two-sided 3" x 4" card that you can keep in your shirt pocket.