Black Hat USA 2019
took place Aug. 3, 2019 through Aug. 8, 2019 (4 years, 8 months ago)
at Mandalay Bay in Las Vegas, Nevada, USA.
The general admission cost for the conference was $2,495.00[1].
Presentations
Wednesday, Aug. 7, 2019
-
09:00 - Every Security Team is a Software Team Now
-
10:30 - A Decade After Bleichenbacher '06, RSA Signature Forgery Still Works
-
10:30 - SSO Wars: The Token Menace
-
10:30 - Biometric Authentication Under Threat: Liveness Detection Hacking
-
10:30 - Bypassing the Maginot Line: Remotely Exploit the Hardware Decoder on Smartphone
-
10:30 - Legal GNSS Spoofing and its Effects on Autonomous Vehicles
-
10:30 - ClickOnce and You're in - When Appref-ms Abuse is Operating as Intended
-
10:30 - Battle of Windows Service: A Silver Bullet to Discover File Privilege Escalation Bugs Automatically
-
10:30 - Monsters in the Middleboxes: Building Tools for Detecting HTTPS Interception
-
10:30 - Detecting Deep Fakes with Mice
-
11:15 - The Most Secure Browser? Pwning Chrome from 2016 to 2019
-
11:15 - Attacking Electric Motors for Fun and Profit
-
11:15 - Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD)
-
11:15 - Exploiting the Hyper-V IDE Emulator to Escape the Virtual Machine
-
11:15 - APIC's Adventures in Wonderland
-
11:15 - Behind the Scenes: The Industry of Social Media Manipulation Driven by Malware
-
11:15 - PicoDMA: DMA Attacks at Your Fingertips
-
11:15 - Dragonblood: Attacking the Dragonfly Handshake of WPA3
-
11:15 - Hacking for the Greater Good: Empowering Technologists to Strengthen Digital Society
-
13:30 - Cyber Insurance 101 for CISO’s
-
13:30 - All the 4G Modules Could be Hacked
-
13:30 - New Vulnerabilities in 5G Networks
-
13:30 - I'm Unique, Just Like You: Human Side-Channels and Their Implications for Security and Privacy
-
13:30 - The Path Less Traveled: Abusing Kubernetes Defaults
-
13:30 - Behind the Scenes of Intel Security and Manageability Engine
-
13:30 - It's Not What You Know, It's What You Do: How Data Can Shape Security Engagement
-
13:30 - Sensor and Process Fingerprinting in Industrial Control Systems
-
13:30 - HTTP Desync Attacks: Smashing into the Cell Next Door
-
14:40 - Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
-
14:40 - MITRE ATT&CK: The Play at Home Edition
-
14:40 - Integration of Cyber Insurance Into A Risk Management Program
-
14:40 - Responding to a Cyber Attack with Missiles
-
14:40 - Lessons From Two Years of Crypto Audits
-
14:40 - Chip.Fail - Glitching the Silicon of the Connected World
-
14:40 - Come Join the CAFSA - Continuous Automated Firmware Security Analysis
-
14:40 - Finding a Needle in an Encrypted Haystack: Leveraging Cryptographic Abilities to Detect the Most Prevalent Attacks on Active Directory
-
14:40 - Worm Charming: Harvesting Malware Lures for Fun and Profit
-
14:40 - Look, No Hands! -- The Remote, Interaction-less Attack Surface of the iPhone
-
16:00 - Hacking Your Non-Compete
-
16:00 - Flying a False Flag: Advanced C2, Trust Conflicts, and Domain Takeover
-
16:00 - The Cyber Shell Game – War, Information Warfare, and the Darkening Web
-
16:00 - Arm IDA and Cross Check: Reversing the Boeing 787's Core Network
-
16:00 - Hunting for Bugs, Catching Dragons
-
16:00 - Controlled Chaos: The Inevitable Marriage of DevOps & Security
-
16:00 - He Said, She Said – Poisoned RDP Offense and Defense
-
16:00 - How Do Cyber Insurers View The World?
-
16:00 - Messaging Layer Security: Towards a New Era of Secure Group Messaging
-
16:00 - Internet-Scale Analysis of AWS Cognito Security
-
17:05 - Going Beyond Coverage-Guided Fuzzing with Structured Fuzzing
-
17:05 - Deconstructing the Phishing Campaigns that Target Gmail Users
-
17:05 - PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
-
17:05 - MINimum Failure - Stealing Bitcoins with Electromagnetic Fault Injection
-
17:05 - Reverse Engineering WhatsApp Encryption for Chat Manipulation and More
-
17:05 - Detecting Malicious Files with YARA Rules as They Traverse the Network
-
17:05 - Defense Against Rapidly Morphing DDOS
-
17:05 - Cybersecurity Risk Assessment for Safety-Critical Systems
-
17:05 - Transparency in the Software Supply Chain: Making SBOM a Reality
Thursday, Aug. 8, 2019
- ^ This price is meant to give a general idea of the cost of attending the conference. Many conferences have varying prices based on number of days of attendance, early registration, tiers of support, or additional costs for workshops or trainings. The price here is meant to represent the most common cost for the majority of attendees. See the conference's homepage, if applicable, for details.