Black Hat USA 2017
took place July 22, 2017 through July 27, 2017 (6 years, 8 months ago)
at Mandalay Bay in Las Vegas, Nevada, USA.
The general admission cost for the conference was $2,395.00[1].
Presentations
Wednesday, July 26, 2017
Thursday, July 27, 2017
-
09:00 - Bot vs. Bot for Evading Machine Learning Malware Detection
-
09:00 - Escalating Insider Threats Using VMware's API
-
09:00 - Influencing the Market to Improve Security
-
09:00 - Skype & Type: Keystroke Leakage over VoIP
-
09:00 - The Epocholypse 2038: What's in Store for the Next 20 Years
-
09:00 - The Future of ApplePwn - How to Save Your Money
-
09:00 - The Industrial Revolution of Lateral Movement
-
09:00 - OpenCrypto: Unchaining the JavaCard Ecosystem
-
09:00 - The Shadow Brokers – Cyber Fear Game-Changers
-
09:45 - Fad or Future? Getting Past the Bug Bounty Hype
-
09:45 - Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
-
09:45 - Datacenter Orchestration Security and Insecurity: Assessing Kubernetes, Mesos, and Docker at Scale
-
09:45 - 'Ghost Telephonist' Link Hijack Exploitations in 4G LTE CS Fallback
-
09:45 - Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets
-
09:45 - rVMI: A New Paradigm for Full System Analysis
-
09:45 - Evading Microsoft ATA for Active Directory Domination
-
09:45 - Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
-
09:45 - Redesigning PKI to Solve Revocation, Expiration, and Rotation Problems
-
11:00 - Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
-
11:00 - Don't Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
-
11:00 - Practical Tips for Defending Web Applications in the Age of DevOps
-
11:00 - Why Most Cyber Security Training Fails and What We Can Do About it
-
11:00 - Breaking the Laws of Robotics: Attacking Industrial Robots
-
11:00 - Intel SGX Remote Attestation is Not Sufficient
-
11:00 - Bug Collisions Meet Government Vulnerability Disclosure
-
11:00 - Hunting GPS Jammers
-
11:00 - Go to Hunt, Then Sleep
-
12:10 - Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
-
12:10 - Game of Chromes: Owning the Web with Zombie Chrome Extensions
-
12:10 - kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
-
12:10 - Quantifying Risk in Consumer Software at Scale - Consumer Reports' Digital Standard
-
12:10 - Honey, I Shrunk the Attack Surface – Adventures in Android Security Hardening
-
12:10 - Attacking Encrypted USB Keys the Hard(ware) Way
-
12:10 - Free-Fall: Hacking Tesla from Wireless to CAN Bus
-
12:10 - AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
-
14:30 - Taking Over the World Through MQTT - Aftermath
-
14:30 - Exploit Kit Cornucopia
-
14:30 - Evolutionary Kernel Fuzzing
-
14:30 - The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
-
14:30 - Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
-
14:30 - Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
-
14:30 - Defeating Samsung KNOX with Zero Privilege
-
14:30 - Friday the 13th: JSON Attacks
-
14:30 - Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
-
15:50 - Intel AMT Stealth Breakthrough
-
15:50 - WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
-
15:50 - Well, that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
-
15:50 - Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
-
15:50 - Lies, and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
-
15:50 - Electronegativity - A Study of Electron Security
-
15:50 - Exploiting Network Printers
-
15:50 - Blue Pill for Your Phone
-
15:50 - And Then the Script-Kiddie Said, "Let There be No Light." Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
-
17:00 - Betraying the BIOS: Where the Guardians of the BIOS are Failing
-
17:00 - RBN Reloaded - Amplifying Signals from the Underground
-
17:00 - A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
-
17:00 - Breaking the x86 Instruction Set
-
17:00 - Behind the Plexiglass Curtain: Stats and Stories from the Black Hat NOC
-
17:00 - The Adventures of AV and the Leaky Sandbox
-
17:00 - IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
-
17:00 - Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
-
17:00 - Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
- ^ This price is meant to give a general idea of the cost of attending the conference. Many conferences have varying prices based on number of days of attendance, early registration, tiers of support, or additional costs for workshops or trainings. The price here is meant to represent the most common cost for the majority of attendees. See the conference's homepage, if applicable, for details.