Black Hat USA 2017
took place July 22, 2017 through July 27, 2017 (5 years, 2 months ago)
at Mandalay Bay in Las Vegas, Nevada, USA.
The general admission cost for the conference was $2,395.00[1].
Presentations
Wednesday, July 26, 2017
Thursday, July 27, 2017
-
09:00 - The Future of ApplePwn - How to Save Your Money
-
09:00 - The Epocholypse 2038: What's in Store for the Next 20 Years
-
09:00 - The Shadow Brokers – Cyber Fear Game-Changers
-
09:00 - Bot vs. Bot for Evading Machine Learning Malware Detection
-
09:00 - Influencing the Market to Improve Security
-
09:00 - OpenCrypto: Unchaining the JavaCard Ecosystem
-
09:00 - Escalating Insider Threats Using VMware's API
-
09:00 - Skype & Type: Keystroke Leakage over VoIP
-
09:00 - The Industrial Revolution of Lateral Movement
-
09:45 - Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
-
09:45 - Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
-
09:45 - Redesigning PKI to Solve Revocation, Expiration, and Rotation Problems
-
09:45 - Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets
-
09:45 - rVMI: A New Paradigm for Full System Analysis
-
09:45 - Fad or Future? Getting Past the Bug Bounty Hype
-
09:45 - Datacenter Orchestration Security and Insecurity: Assessing Kubernetes, Mesos, and Docker at Scale
-
09:45 - Evading Microsoft ATA for Active Directory Domination
-
09:45 - 'Ghost Telephonist' Link Hijack Exploitations in 4G LTE CS Fallback
-
11:00 - Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
-
11:00 - Breaking the Laws of Robotics: Attacking Industrial Robots
-
11:00 - Go to Hunt, Then Sleep
-
11:00 - Practical Tips for Defending Web Applications in the Age of DevOps
-
11:00 - Bug Collisions Meet Government Vulnerability Disclosure
-
11:00 - Hunting GPS Jammers
-
11:00 - Intel SGX Remote Attestation is Not Sufficient
-
11:00 - Don't Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
-
11:00 - Why Most Cyber Security Training Fails and What We Can Do About it
-
12:10 - kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
-
12:10 - Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
-
12:10 - Game of Chromes: Owning the Web with Zombie Chrome Extensions
-
12:10 - AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
-
12:10 - Quantifying Risk in Consumer Software at Scale - Consumer Reports' Digital Standard
-
12:10 - Free-Fall: Hacking Tesla from Wireless to CAN Bus
-
12:10 - Honey, I Shrunk the Attack Surface – Adventures in Android Security Hardening
-
12:10 - Attacking Encrypted USB Keys the Hard(ware) Way
-
14:30 - The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
-
14:30 - Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
-
14:30 - Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
-
14:30 - Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
-
14:30 - Defeating Samsung KNOX with Zero Privilege
-
14:30 - Evolutionary Kernel Fuzzing
-
14:30 - Taking Over the World Through MQTT - Aftermath
-
14:30 - Exploit Kit Cornucopia
-
14:30 - Friday the 13th: JSON Attacks
-
15:50 - Electronegativity - A Study of Electron Security
-
15:50 - Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
-
15:50 - Exploiting Network Printers
-
15:50 - WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
-
15:50 - Lies, and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
-
15:50 - And Then the Script-Kiddie Said, "Let There be No Light." Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
-
15:50 - Blue Pill for Your Phone
-
15:50 - Intel AMT Stealth Breakthrough
-
15:50 - Well, that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
-
17:00 - Behind the Plexiglass Curtain: Stats and Stories from the Black Hat NOC
-
17:00 - Betraying the BIOS: Where the Guardians of the BIOS are Failing
-
17:00 - RBN Reloaded - Amplifying Signals from the Underground
-
17:00 - A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
-
17:00 - Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
-
17:00 - Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
-
17:00 - IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
-
17:00 - The Adventures of AV and the Leaky Sandbox
-
17:00 - Breaking the x86 Instruction Set
- ^ This price is meant to give a general idea of the cost of attending the conference. Many conferences have varying prices based on number of days of attendance, early registration, tiers of support, or additional costs for workshops or trainings. The price here is meant to represent the most common cost for the majority of attendees. See the conference's homepage, if applicable, for details.