Black Hat USA 2019
took place Aug. 3, 2019 through Aug. 8, 2019 (5 years, 3 months ago) at Mandalay Bay in Las Vegas, Nevada, USA.
The general admission cost for the conference was $2,495.00[1].
Presentations
Wednesday, Aug. 7, 2019
-
09:00 - Every Security Team is a Software Team Now
-
10:30 - Battle of Windows Service: A Silver Bullet to Discover File Privilege Escalation Bugs Automatically
-
10:30 - Monsters in the Middleboxes: Building Tools for Detecting HTTPS Interception
-
10:30 - ClickOnce and You're in - When Appref-ms Abuse is Operating as Intended
-
10:30 - A Decade After Bleichenbacher '06, RSA Signature Forgery Still Works
-
10:30 - Legal GNSS Spoofing and its Effects on Autonomous Vehicles
-
10:30 - Biometric Authentication Under Threat: Liveness Detection Hacking
-
10:30 - SSO Wars: The Token Menace
-
10:30 - Bypassing the Maginot Line: Remotely Exploit the Hardware Decoder on Smartphone
-
10:30 - Detecting Deep Fakes with Mice
-
11:15 - Attacking Electric Motors for Fun and Profit
-
11:15 - PicoDMA: DMA Attacks at Your Fingertips
-
11:15 - APIC's Adventures in Wonderland
-
11:15 - Behind the Scenes: The Industry of Social Media Manipulation Driven by Malware
-
11:15 - Exploiting the Hyper-V IDE Emulator to Escape the Virtual Machine
-
11:15 - The Most Secure Browser? Pwning Chrome from 2016 to 2019
-
11:15 - Dragonblood: Attacking the Dragonfly Handshake of WPA3
-
11:15 - Hacking for the Greater Good: Empowering Technologists to Strengthen Digital Society
-
11:15 - Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD)
-
13:30 - HTTP Desync Attacks: Smashing into the Cell Next Door
-
13:30 - All the 4G Modules Could be Hacked
-
13:30 - New Vulnerabilities in 5G Networks
-
13:30 - It's Not What You Know, It's What You Do: How Data Can Shape Security Engagement
-
13:30 - Cyber Insurance 101 for CISO’s
-
13:30 - Sensor and Process Fingerprinting in Industrial Control Systems
-
13:30 - The Path Less Traveled: Abusing Kubernetes Defaults
-
13:30 - Behind the Scenes of Intel Security and Manageability Engine
-
13:30 - I'm Unique, Just Like You: Human Side-Channels and Their Implications for Security and Privacy
-
14:40 - Look, No Hands! -- The Remote, Interaction-less Attack Surface of the iPhone
-
14:40 - Lessons From Two Years of Crypto Audits
-
14:40 - Responding to a Cyber Attack with Missiles
-
14:40 - Integration of Cyber Insurance Into A Risk Management Program
-
14:40 - MITRE ATT&CK: The Play at Home Edition
-
14:40 - Chip.Fail - Glitching the Silicon of the Connected World
-
14:40 - Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
-
14:40 - Worm Charming: Harvesting Malware Lures for Fun and Profit
-
14:40 - Finding a Needle in an Encrypted Haystack: Leveraging Cryptographic Abilities to Detect the Most Prevalent Attacks on Active Directory
-
14:40 - Come Join the CAFSA - Continuous Automated Firmware Security Analysis
-
16:00 - Internet-Scale Analysis of AWS Cognito Security
-
16:00 - Controlled Chaos: The Inevitable Marriage of DevOps & Security
-
16:00 - Hacking Your Non-Compete
-
16:00 - Arm IDA and Cross Check: Reversing the Boeing 787's Core Network
-
16:00 - Messaging Layer Security: Towards a New Era of Secure Group Messaging
-
16:00 - Hunting for Bugs, Catching Dragons
-
16:00 - The Cyber Shell Game – War, Information Warfare, and the Darkening Web
-
16:00 - He Said, She Said – Poisoned RDP Offense and Defense
-
16:00 - How Do Cyber Insurers View The World?
-
16:00 - Flying a False Flag: Advanced C2, Trust Conflicts, and Domain Takeover
-
17:05 - Deconstructing the Phishing Campaigns that Target Gmail Users
-
17:05 - Transparency in the Software Supply Chain: Making SBOM a Reality
-
17:05 - Detecting Malicious Files with YARA Rules as They Traverse the Network
-
17:05 - Reverse Engineering WhatsApp Encryption for Chat Manipulation and More
-
17:05 - MINimum Failure - Stealing Bitcoins with Electromagnetic Fault Injection
-
17:05 - PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
-
17:05 - Going Beyond Coverage-Guided Fuzzing with Structured Fuzzing
-
17:05 - Defense Against Rapidly Morphing DDOS
-
17:05 - Cybersecurity Risk Assessment for Safety-Critical Systems
Thursday, Aug. 8, 2019
- ^ This price is meant to give a general idea of the cost of attending the conference. Many conferences have varying prices based on number of days of attendance, early registration, tiers of support, or additional costs for workshops or trainings. The price here is meant to represent the most common cost for the majority of attendees. See the conference's homepage, if applicable, for details.