Presentaciones de Black Hat Asia 2017

• March 30, 2017
• tuxotron
• Hacking, Conferencia, Seguridad

• Facebook
• Twitter
• Reddit
• LinkedIn

Ya podemos acceder a muchas de las presentaciones de la edición asiática de Black Hat de este año:

• The Seven Axioms of Security
• Why We are Not Building a Defendable Internet
• Man-in-the-SCADA: Anatomy of Data Integrity Attacks in Industrial Control Systems
• 24 Techniques to Gather Threat Intel and Track Actors
• 3G/4G Intranet Scanning and its Application on the WormHole Vulnerability
• All Your Emails Belong to Us: Exploiting Vulnerable Email Clients via Domain Name Collision
• Anti-Plugin: Don’t Let Your App Play as an Android Plugin
  • asia-17-Luo-Anti-Plugin-Don’t-Let-Your-App-Play-As-An-Android-Plugin.pdf
  • asia-17-Luo-Anti-Plugin-Don’t-Let-Your-App-Play-As-An-Android-Plugin-wp.pdf
• Betting Against the House: Security and Stability When the Odds are Against You
• Beyond the Blacklists: Detecting Malicious URL Through Machine Learning
• Breaking Korea Transit Card with Side-Channel Attack - Unauthorized Recharging
  • asia-17-Kim-Breaking-Korea-Transit-Card-With-Side-Channel-Attack-Unauthorized-Recharging.pdf
  • asia-17-Kim-Breaking-Korea-Transit-Card-With-Side-Channel-Attack-Unauthorized-Recharging-wp.pdf
• Cache Side Channel Attack: Exploitability and Countermeasures
• Cross the Wall - Bypass All Modern Mitigations of Microsoft Edge
  • asia-17-Li-Cross-The-Wall-Bypass-All-Modern-Mitigations-Of-Microsoft-Edge.pdf
• Daily-Life Peeper: Bug Hunting and Exploit Techniques in IoT
• Delegate to the Top: Abusing Kerberos for Arbitrary Impersonations and RCE
  • asia-17-Hart-Delegate-To-The-Top-Abusing-Kerberos-For-Arbitrary-Impersonations-And-RCE.pdf
  • asia-17-Hart-Delegate-To-The-Top-Abusing-Kerberos-For-Arbitrary-Impersonations-And-RCE-wp.pdf
  • asia-17-Hart-Delegate-To-The-Top-Abusing-Kerberos-For-Arbitrary-Impersonations-And-RCE-tool.ps1
• Dig Into the Attack Surface of PDF and Gain 100+ CVEs in 1 Year
  • asia-17-Liu-Dig-Into-The-Attack-Surface-Of-PDF-And-Gain-100-CVEs-In-1-Year.pdf
  • asia-17-Liu-Dig-Into-The-Attack-Surface-Of-PDF-And-Gain-100-CVEs-In-1-Year-wp.pdf
• Domo Arigato Mr. Roboto: Security Robots a la Unit-Testing
  • asia-17-Law-Domo-Arigato-Mr-Roboto-Security-Robots-A-La-Unit-Testing.pdf
  • asia-17-Law-Domo-Arigato-Mr-Roboto-Security-Robots-A-La-Unit-Testing-wp.pdf
• Drop the ROP: Fine-Grained Control-Flow Integrity for the Linux Kernel
  • asia-17-Moreira-Drop-The-Rop-Fine-Grained-Control-Flow-Integrity-For-The-Linux-Kernel.pdf
• Exploiting USB/IP in Linux
  • asia-17-Korchagin-Exploiting-USBIP-In-Linux.pdf
  • asia-17-Korchagin-Exploiting-USBIP-In-Linux-wp.pdf
• Fried Apples: Jailbreak DIY
  • asia-17-Bazaliy-Fried-Apples-Jailbreak-DIY.pdf
• Go Get My/Vulnerabilities: An In-Depth Analysis of Go Language Runtime and the New Class of Vulnerabilities It Introduces
• Hack Microsoft Using Microsoft Signed Binaries
• Hacking HTTP/2 - New Attacks on the Internet’s Next Generation Foundation
• Hello From the Other Side: SSH Over Robust Cache Covert Channels in the Cloud
  • asia-17-Schwarz-Hello-From-The-Other-Side-SSH-Over-Robust-Cache-Covert-Channels-In-The-Cloud.pdf
  • asia-17-Schwarz-Hello-From-The-Other-Side-SSH-Over-Robust-Cache-Covert-Channels-In-The-Cloud-wp.pdf
  • asia-17-Schwarz-Hello-From-The-Other-Side-SSH-Over-Robust-Cache-Covert-Channels-In-The-Cloud-tool.zip
• Locknote: Conclusions and Key Takeaways from Black Hat Asia 2017
• MASHaBLE: Mobile Applications of Secret Handshakes Over Bluetooth LE
• Mobile-Telephony Threats in Asia
• Myth and Truth About Hypervisor-Based Kernel Protector: The Reason Why You Need Shadow-Box
• Never Let Your Guard Down: Finding Unguarded Gates to Bypass Control Flow Guard with Big Data
• Open Sourcing Automotive Diagnostics
• Phishing for Funds: Understanding Business Email Compromise
  • asia-17-Turpin-Phishing-For-Funds-Understanding-Business-Email-Compromise.pdf
• Remotely Compromising iOS via Wi-Fi and Escaping the Sandbox
• The Irrelevance of K-Bytes Detection - Building a Robust Pipeline for Malicious Documents
  • asia-17-Amiga-The-Irrelevance-Of-K-Byte-Detection-Building-A-Robust-Pipeline-For-Malicious-Document.pdf
• The Power of Data-Oriented Attacks: Bypassing Memory Mitigation Using Data-Only Exploitation Techniques
• The UEFI Firmware Rootkits: Myths and Reality
• What Malware Authors Don’t Want You to Know - Evasive Hollow Process Injection
  • asia-17-KA-What-Malware-Authors-Don’t-Want-You-To-Know-Evasive-Hollow-Process-Injection.pdf
  • asia-17-KA-What-Malware-Authors-Don’t-Want-You-To-Know-Evasive-Hollow-Process-Injection-wp.pdf

• presentaciones