Black Hat USA 2017
took place July 22, 2017 through July 27, 2017 (4 years, 10 months ago)
at Mandalay Bay in Las Vegas, Nevada, USA.
The general admission cost for the conference was $2,395.00[1].
Presentations:
Wednesday, July 26, 2017
Thursday, July 27, 2017
-
09:00 - The Industrial Revolution of Lateral Movement
-
09:00 - Bot vs. Bot for Evading Machine Learning Malware Detection
-
09:00 - Influencing the Market to Improve Security
-
09:00 - The Epocholypse 2038: What's in Store for the Next 20 Years
-
09:00 - The Future of ApplePwn - How to Save Your Money
-
09:00 - The Shadow Brokers – Cyber Fear Game-Changers
-
09:00 - Escalating Insider Threats Using VMware's API
-
09:00 - OpenCrypto: Unchaining the JavaCard Ecosystem
-
09:00 - Skype & Type: Keystroke Leakage over VoIP
-
09:45 - 'Ghost Telephonist' Link Hijack Exploitations in 4G LTE CS Fallback
-
09:45 - Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
-
09:45 - Datacenter Orchestration Security and Insecurity: Assessing Kubernetes, Mesos, and Docker at Scale
-
09:45 - Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets
-
09:45 - Fad or Future? Getting Past the Bug Bounty Hype
-
09:45 - Redesigning PKI to Solve Revocation, Expiration, and Rotation Problems
-
09:45 - Evading Microsoft ATA for Active Directory Domination
-
09:45 - Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
-
09:45 - rVMI: A New Paradigm for Full System Analysis
-
11:00 - Don't Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
-
11:00 - Bug Collisions Meet Government Vulnerability Disclosure
-
11:00 - Practical Tips for Defending Web Applications in the Age of DevOps
-
11:00 - Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
-
11:00 - Breaking the Laws of Robotics: Attacking Industrial Robots
-
11:00 - Hunting GPS Jammers
-
11:00 - Intel SGX Remote Attestation is Not Sufficient
-
11:00 - Go to Hunt, Then Sleep
-
11:00 - Why Most Cyber Security Training Fails and What We Can Do About it
-
12:10 - Free-Fall: Hacking Tesla from Wireless to CAN Bus
-
12:10 - Quantifying Risk in Consumer Software at Scale - Consumer Reports' Digital Standard
-
12:10 - Attacking Encrypted USB Keys the Hard(ware) Way
-
12:10 - Honey, I Shrunk the Attack Surface – Adventures in Android Security Hardening
-
12:10 - AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
-
12:10 - kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
-
12:10 - Game of Chromes: Owning the Web with Zombie Chrome Extensions
-
12:10 - Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
-
14:30 - Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
-
14:30 - The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
-
14:30 - Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
-
14:30 - Evolutionary Kernel Fuzzing
-
14:30 - Exploit Kit Cornucopia
-
14:30 - Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
-
14:30 - Defeating Samsung KNOX with Zero Privilege
-
14:30 - Friday the 13th: JSON Attacks
-
14:30 - Taking Over the World Through MQTT - Aftermath
-
15:50 - Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
-
15:50 - And Then the Script-Kiddie Said, "Let There be No Light." Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
-
15:50 - Exploiting Network Printers
-
15:50 - Lies, and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
-
15:50 - Blue Pill for Your Phone
-
15:50 - Intel AMT Stealth Breakthrough
-
15:50 - Electronegativity - A Study of Electron Security
-
15:50 - Well, that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
-
15:50 - WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
-
17:00 - Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
-
17:00 - Breaking the x86 Instruction Set
-
17:00 - Behind the Plexiglass Curtain: Stats and Stories from the Black Hat NOC
-
17:00 - A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
-
17:00 - IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
-
17:00 - RBN Reloaded - Amplifying Signals from the Underground
-
17:00 - The Adventures of AV and the Leaky Sandbox
-
17:00 - Betraying the BIOS: Where the Guardians of the BIOS are Failing
-
17:00 - Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
Presenters:
- ^ This price is meant to give a general idea of the cost of attending the conference. Many conferences have varying prices based on number of days of attendance, early registration, tiers of support, or additional costs for workshops or trainings. The price here is meant to represent the most common cost for the majority of attendees. See the conference's homepage, if applicable, for details.