• Facebook
• Twitter
• Reddit
• LinkedIn

Otra de las conferencias referentes sobre seguridad, USENIX Security 2016, ha publicado el material presentado:

• Flip Feng Shui: Hammering a Needle in the Software Stack - PDF
• One Bit Flips, One Cloud Flops: Cross-VM Row Hammer Attacks and Privilege Escalation - PDF - Slides
• PIkit: A New Kernel-Independent Processor-Interconnect Rootkit - PDF - Slides
• Verifying Constant-Time Implementations - PDF
• Secure, Precise, and Fast Floating-Point Operations on x86 Processors - PDF - Slides
• überSpark: Enforcing Verifiable Object Abstractions for Automated Compositional Security Analysis of a Hypervisor - PDF
• Undermining Information Hiding (and What to Do about It) - PDF
• Poking Holes in Information Hiding - PDF
• What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses - PDF - Slides
• zxcvbn: Low-Budget Password Strength Estimation - PDF - Slides
• Fast, Lean, and Accurate: Modeling Password Guessability Using Neural Networks - PDF - Slides
• An Empirical Study of Textual Key-Fingerprint Representations - PDF
• Off-Path TCP Exploits: Global Rate Limit Considered Dangerous - PDF
• Website-Targeted False Content Injection by Network Operators - PDF
• The Ever-Changing Labyrinth: A Large-Scale Analysis of Wildcard DNS Powered Blackhat SEO - PDF - Slides
• A Comprehensive Measurement Study of Domain Generating Malware - PDF
• Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing - PDF - Slides
• Faster Malicious 2-Party Secure Computation with Online/Offline Dual Execution - PDF - Slides
• Egalitarian Computing - PDF
• Post-quantum Key Exchange—A New Hope - PDF
• Automatically Detecting Error Handling Bugs Using Error Specifications - PDF
• APISan: Sanitizing API Usages through Semantic Cross-Checking - PDF
• On Omitting Commits and Committing Omissions: Preventing Git Metadata Tampering That (Re)introduces Software Vulnerabilities - PDF
• Defending against Malicious Peripherals with Cinch - PDF - Slides
• Making USB Great Again with USBFILTER - PDF - Slides
• Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks - PDF
• Request and Conquer: Exposing Cross-Origin Resource Size - PDF
• Trusted Browsers for Uncertain Times - PDF
• Tracing Information Flows Between Ad Exchanges Using Retargeted Ads - PDF - Slides
• Virtual U: Defeating Face Liveness Detection by Building Virtual Models from Your Public Photos - PDF - Slides
• Hidden Voice Commands - PDF - Slides
• FlowFence: Practical Data Protection for Emerging IoT Application Frameworks - PDF
• ARMageddon: Cache Attacks on Mobile Devices - PDF - Slides
• DRAMA: Exploiting DRAM Addressing for Cross-CPU Attacks - PDF - Slides
• An In-Depth Analysis of Disassembly on Full-Scale x86/x64 Binaries - PDF - Slides
• Stealing Machine Learning Models via Prediction APIs - PDF - Slides
• Oblivious Multi-Party Machine Learning on Trusted Processors - PDF
• Thoth: Comprehensive Policy Compliance in Data Retrieval Systems - PDF - Slides
• Dancing on the Lip of the Volcano: Chosen Ciphertext Attacks on Apple iMessage - PDF
• Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys - PDF
• DROWN: Breaking TLS Using SSLv2 - PDF - Slides
• All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption - PDF - Slides
• Investigating Commercial Pay-Per-Install and the Distribution of Unwanted Software - PDF
• Measuring PUP Prevalence and PUP Distribution through Pay-Per-Install Services - PDF - Slides
• UNVEIL: A Large-Scale, Automated Approach to Detecting Ransomware - PDF - Slides
• Towards Measuring and Mitigating Social Engineering Software Download Attacks - PDF - Slides
• Specification Mining for Intrusion Detection in Networked Control Systems - PDF - Slides
• Optimized Invariant Representation of Network Traffic for Detecting Unseen Malware Variants - PDF - Slides
• Authenticated Network Time Synchronization - PDF
• fTPM: A Software-Only Implementation of a TPM Chip - PDF
• Sanctum: Minimal Hardware Extensions for Strong Software Isolation - PDF - Slides
• Ariadne: A Minimal Approach to State Continuity - PDF
• The Million-Key Question—Investigating the Origins of RSA Public Keys - PDF - Slides
• Fingerprinting Electronic Control Units for Vehicle Intrusion Detection - PDF - Slides
• Lock It and Still Lose It —on the (In)Security of Automotive Remote Keyless Entry Systems - PDF
• OblivP2P: An Oblivious Peer-to-Peer Content Sharing System - PDF
• AuthLoop: End-to-End Cryptographic Authentication for Telephony over Voice Channels - PDF
• You Are Who You Know and How You Behave: Attribute Inference Attacks via Users' Social Friends and Behaviors - PDF
• Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016 - PDF
• Hey, You Have a Problem: On the Feasibility of Large-Scale Web Vulnerability Notification - PDF - Slides
• You've Got Vulnerability: Exploring Effective Vulnerability Notifications - PDF
• Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud - PDF
• ZKBoo: Faster Zero-Knowledge for Boolean Circuits - PDF
• The Cut-and-Choose Game and Its Application to Cryptographic Protocols - PDF - Slides
• On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis - PDF - Slides
• Practical DIFC Enforcement on Android - PDF - Slides
• Screen after Previous Screens: Spatial-Temporal Recreation of Android App Displays from Memory Images - PDF
• Harvesting Inconsistent Security Configurations in Custom Android ROMs via Differential Analysis - PDF
• Identifying and Characterizing Sybils in the Tor Network - PDF - Slides
• k-fingerprinting: A Robust Scalable Website Fingerprinting Technique - PDF
• Protecting Privacy of BLE Device Users - PDF - Slides
• Privacy in Epigenetics: Temporal Linkability of MicroRNA Expression Profiles - PDF - Slides

• Facebook
• Twitter
• Reddit
• LinkedIn

Fuente: http://www.brendangregg.com/Perf/linux_perf_tools_full.png

• Facebook
• Twitter
• Reddit
• LinkedIn

Una vez más una de las conferencias sobre seguridad informática ha llegado a su fin: DEF CON 24. Por ahora, se han puesto disponible las diapositivas y algún material extra de las presentaciones que se pudieron presenciar.

• Amro-Abdelgawad-Extras/
• Jonathan-Brossard-Extras/
• Lucas-Lundgren-Extras/
• Mike-Rich-Extras/
• Regilero-Extras/
• Robert-Olson-Extras/
• Seymour-Tully-Extras/
• SixVolts-and-Haystack-Extras/
• Wesley-McGrew-Extras/
• 3alarmlampscoot-DIY-Nukeproofing.pdf
• Adam-Donenfeld-Stumping-The-Mobile-Chipset.pdf
• Allan-Cecil-dwangoAC-Tasbot-The-Perfectionist.pdf
• Amro-Abdelgawad-The-Remote-Metamorphic-Engine.pdf
• Anch-So-you-want-to-be-a-pentester-DC101.pdf
• Anto-Joseph-Fuzzing-Android-Devices.pdf
• Arnaud-Soullie-Workshop-Pentesting-ICS-101.pdf
• Ashmastaflash-Sitch-Inexpensive-Coordinated-GSM-Anomaly-Detection-Writeup.pdf
• Ashmastaflash-Sitch-Inexpensive-Coordinated-GSM-Anomaly-Detection.pdf
• Benjamin-Holland-Developing-Managed-Code-Rootkits-For-Java-Runtime.pdf
• Bertin-Bervis-James-Jara-Exploiting-And-Attacking-Seismological-Networks-Remotely.pdf
• Bigezy-Saci-Pinworm-MITM-for-Metadata.pdf
• Brad-Dixon-Pin2Pwn-How-to-Root-An-Embedded-Linux-Box-With-A-Sewing-Needle.pdf
• Brad-Woodberg-Malware-Command-And-Control-Channels-A-Journey-Into-Darkness.pdf
• Bryant-Zadegan-Ryan-Lester-Abusing-Bleeding-Edge-Web-Standards-For-Appsec-Glory.pdf
• Chapman-Stone-Toxic-Proxies-Bypassing-HTTPS-and-VPNs.pdf
• Chris-Rock-How-to-overthrow-a-Government-Kuwait-Coup-WP.pdf
• Chris-Rock-How-to-overthrow-a-Government.pdf
• Clarence-Chio-Machine-Duping-101.pdf
• Demay-Auditing-6LoWPAN-Networks-Using-Standard-Penetration-Testing-Tools-WP.pdf
• Demay-Auditing-6LoWPAN-Networks-Using-Standard-Penetration-Testing-Tools.pdf
• Demay-Lebrun-Canspy-A-Platorm-For-Auditing-Can-Devices.pdf
• Dr-Phil-Polstra-Mouse-Jigglers.pdf
• Drake-Christey-Vulnerabilities-101.pdf
• Eagle-Sk3Wldbg-Emulating-with-Ida.pdf
• Eric-Escobar-Rogue-Cell-Towers.pdf
• Evan-Booth-Jjittery-Macgyver.pdf
• Fasel-Jacobs-I-fight-for-the-users.pdf
• Fitzpatrick-and-Grand-101-Ways-To-Brick-Your-Hardware.pdf
• Forgety-Kreilein-Ng9-1-1-The-Next-Gene-Of-Emergency-Ph0Nage.pdf
• Fred-Bret-Mounet-All-Your-Solar-Panels-Are-Belong-To-Me.pdf
• Gorenc-Sands-Hacker-Machine-Interface.pdf
• Granolocks-Zero-Chaos-Bluehydra-Realtime-Blutetooth-Detection.pdf
• Grant-Bugher-Captive-Portals.pdf
• Guevara-Noubir-Amirali-Sanatinia-Honey-Onions-Exposing-Snooping-Tor-Hsdir-Relays-WP.pdf
• Guevara-Noubir-Amirali-Sanatinia-Honey-Onions-Exposing-Snooping-Tor-Hsdir-Relays.pdf
• Hendrik-Schmidt-Brian-Butter-Attacking-BaseStations.pdf
• Huber-Rasthofer-Smartphone-Antivirus-And-Security-Applications-Under-Fire.pdf
• Hunter-Scott-Rt2Win-The-Luckiest-Guy-On-Twitter.pdf
• Int0X80-Anti-Forensics-AF.pdf
• Jay-Beale-Larry-Pesce-Phishing-without-Frustration.pdf
• Jennifer-Granick-Slouching-Towards-Utopia.pdf
• Jkambic-Cunning-With-Cng-Soliciting-Secrets-From-Schannel-WP.pdf
• Jkambic-Cunning-With-Cng-Soliciting-Secrets-From-Schannel.pdf
• Jmaxxz-Backdooring-the-Frontdoor-Bypass-Cert-Pinning.pdf
• Jmaxxz-Backdooring-the-Frontdoor-Extracting-Secrets-From-Log.pdf
• Jmaxxz-Backdooring-the-Frontdoor.pdf
• Joe-Grand-Zoz-BSODomizerHD.pdf
• Jonathan-Brossard-Intro-to-Witchcraft-Compiler.pdf
• Karyn-Benson-Examining-The-Internets-Pollution.pdf
• Klijnsma-Tentler-Stargate-Pivoting-Through-VNC.pdf
• Ladar-Levison-Compelled-Decryption.pdf
• Liu-Yan-Xu-Can-You-Trust-Autonomous-Vehicles-WP.pdf
• Liu-Yan-Xu-Can-You-Trust-Autonomous-Vehicles.pdf
• Lucas-Lundgren-Light-Weight Protocol-Critical-Implications.pdf
• Luke-Young-The-4TbS-Ddos-For-5-bucks.pdf
• Maldonado-Mcguffin-Sticky-Keys-To-The-Kingdom.pdf
• Marc-Newlin-MouseJack-Injecting-Keystrokes-Into-Wireless-Mice-WP.pdf
• Marc-Newlin-MouseJack-Injecting-Keystrokes-Into-Wireless-Mice.pdf
• Max-Bazaliy-A-Journey-Through-Exploit-Mitigation-Techniques-On-Ios.pdf
• Mcsweeny-Cranor-Research-On-The-Machines.pdf
• Mike-Rich-Use-Their-Machines-Against-Them-WP.pdf
• Mike-Rich-Use-Their-Machines-Against-Them.pdf
• Nick-Rosario-Weaponize-Your-Feature-Codes.pdf
• Panel-How-To-Make-A-DEFCON-Black-Badge.pdf
• Patrick-Wardle-99-Problems-Little-Snitch.pdf
• Plore-Side-Channel-Attacks-On-High-Security-Electronic-Safe-Locks.pdf
• Przemek-Jaroszewski-How-To-Get-Good-Seats-In-The-Security-Theater.pdf
• Radia-Perlman-Resilience-Despite-Malicious-Pariticpants.pdf
• Regilero-Hiding-Wookiees-In-Http.pdf
• Ricky-Lawshae-Lets-Get-Physical.pdf
• Robbins-Vazarkar-Schroeder-Six-Degrees-of-Domain-Admin.pdf
• Robert-Olson-Writing-Your-First-Exploit.pdf
• Rogan-Dawes-Dominic-White-Universal-Serial-aBUSe-Remote-Attacks.pdf
• Rose-Ramsey-Picking-Bluetooth-Low-Energy-Locks.pdf
• Salvador-Mendoza-Samsung-Pay-Tokenized-Numbers-WP.pdf
• Salvador-Mendoza-Samsung-Pay-Tokenized-Numbers.pdf
• Sean-Metcalf-Beyond-The-MCSE-Red-Teaming-Active-Directory.pdf
• Seymour-Tully-Weaponizing-Data-Science-For-Social-Engineering-WP.pdf
• Seymour-Tully-Weaponizing-Data-Science-For-Social-Engineering.pdf
• Shane-Steiger-Maelstrom-Are-You-Playing-With-A-Full-Deck-V14-Back.pdf
• Shane-Steiger-Maelstrom-Rules-V10.pdf
• SixVolts-and-Haystack-Cheap-Tools-For-Hacking-Heavy-Trucks.pdf
• Tamas-Szakaly-Help-I-got-ANTS.pdf
• Thomas-Wilhelm-Hacking-Network-Protocols-Using-Kali.pdf
• Thomas-Wilhelm-Intrusion-Prevention-System-Evasion-Techniques.pdf
• Tim-Estell-Katea-Murray-NPRE-Eavesdropping-on-the-Machines-Literature-Survey.pdf
• Tim-Estell-Katea-Murray-NPRE-Eavesdropping-on-the-Machines.pdf
• Tom-Kopchak-SSD-Forensics-Research-WP.pdf
• Tom-Kopchak-Sentient-Storage.pdf
• Ulf-Frisk-Direct-Memory-Attack-the-Kernel.pdf
• Wesley-McGrew-Secure-Penetration-Testing-Operations-WP.pdf
• Wesley-McGrew-Secure-Penetration-Testing-Operations.pdf
• Willa-Riggins-Esoteric-Exfiltration.pdf
• Zhang-Shan-Forcing-Targeted-Lte-Cellphone-Into-Unsafe-Network.pdf
• Zhong-Lee-411-A-Framework-For-Managing-Security-Alerts.pdf
• the-bob-ross-fan-club-Propaganda-and-you.pdf