Black Hat USA 2017
took place July 22, 2017 through July 27, 2017 (7 years, 3 months ago) at Mandalay Bay in Las Vegas, Nevada, USA.
The general admission cost for the conference was $2,395.00[1].
Presentations
Wednesday, July 26, 2017
Thursday, July 27, 2017
-
09:00 - The Future of ApplePwn - How to Save Your Money
-
09:00 - Influencing the Market to Improve Security
-
09:00 - The Epocholypse 2038: What's in Store for the Next 20 Years
-
09:00 - OpenCrypto: Unchaining the JavaCard Ecosystem
-
09:00 - Bot vs. Bot for Evading Machine Learning Malware Detection
-
09:00 - The Shadow Brokers – Cyber Fear Game-Changers
-
09:00 - Escalating Insider Threats Using VMware's API
-
09:00 - Skype & Type: Keystroke Leakage over VoIP
-
09:00 - The Industrial Revolution of Lateral Movement
-
09:45 - 'Ghost Telephonist' Link Hijack Exploitations in 4G LTE CS Fallback
-
09:45 - Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
-
09:45 - Datacenter Orchestration Security and Insecurity: Assessing Kubernetes, Mesos, and Docker at Scale
-
09:45 - Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets
-
09:45 - rVMI: A New Paradigm for Full System Analysis
-
09:45 - Fad or Future? Getting Past the Bug Bounty Hype
-
09:45 - Evading Microsoft ATA for Active Directory Domination
-
09:45 - Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
-
09:45 - Redesigning PKI to Solve Revocation, Expiration, and Rotation Problems
-
11:00 - Go to Hunt, Then Sleep
-
11:00 - Breaking the Laws of Robotics: Attacking Industrial Robots
-
11:00 - Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
-
11:00 - Practical Tips for Defending Web Applications in the Age of DevOps
-
11:00 - Bug Collisions Meet Government Vulnerability Disclosure
-
11:00 - Hunting GPS Jammers
-
11:00 - Intel SGX Remote Attestation is Not Sufficient
-
11:00 - Don't Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
-
11:00 - Why Most Cyber Security Training Fails and What We Can Do About it
-
12:10 - kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
-
12:10 - Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
-
12:10 - Game of Chromes: Owning the Web with Zombie Chrome Extensions
-
12:10 - AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
-
12:10 - Quantifying Risk in Consumer Software at Scale - Consumer Reports' Digital Standard
-
12:10 - Free-Fall: Hacking Tesla from Wireless to CAN Bus
-
12:10 - Honey, I Shrunk the Attack Surface – Adventures in Android Security Hardening
-
12:10 - Attacking Encrypted USB Keys the Hard(ware) Way
-
14:30 - The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
-
14:30 - Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
-
14:30 - Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
-
14:30 - Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
-
14:30 - Defeating Samsung KNOX with Zero Privilege
-
14:30 - Evolutionary Kernel Fuzzing
-
14:30 - Taking Over the World Through MQTT - Aftermath
-
14:30 - Exploit Kit Cornucopia
-
14:30 - Friday the 13th: JSON Attacks
-
15:50 - Electronegativity - A Study of Electron Security
-
15:50 - Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
-
15:50 - Exploiting Network Printers
-
15:50 - WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
-
15:50 - Lies, and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
-
15:50 - Blue Pill for Your Phone
-
15:50 - And Then the Script-Kiddie Said, "Let There be No Light." Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
-
15:50 - Intel AMT Stealth Breakthrough
-
15:50 - Well, that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
-
17:00 - Behind the Plexiglass Curtain: Stats and Stories from the Black Hat NOC
-
17:00 - Betraying the BIOS: Where the Guardians of the BIOS are Failing
-
17:00 - RBN Reloaded - Amplifying Signals from the Underground
-
17:00 - A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
-
17:00 - Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
-
17:00 - Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
-
17:00 - IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
-
17:00 - The Adventures of AV and the Leaky Sandbox
-
17:00 - Breaking the x86 Instruction Set
- ^ This price is meant to give a general idea of the cost of attending the conference. Many conferences have varying prices based on number of days of attendance, early registration, tiers of support, or additional costs for workshops or trainings. The price here is meant to represent the most common cost for the majority of attendees. See the conference's homepage, if applicable, for details.