InfoconDB

Support
About

Home
Black Hat
Black Hat USA 2020

Black Hat USA 2020

Virtual

Black Hat USA 2020 took place Aug. 1, 2020 through Aug. 6, 2020 (5 years ago).

Con Page
Infocon

Presentations

Wednesday, Aug. 5, 2020

09:00 - Stress-Testing Democracy: Election Integrity During a Global Pandemic
10:00 - CloudLeak: DNN Model Extractions from Commercial MLaaS Platforms
10:00 - Room for Escape: Scribbling Outside the Lines of Template Security
10:00 - HTTP Request Smuggling in 2020 – New Variants, New Defenses and New Challenges
10:00 - Carrying our Insecurities with Us: The Risks of Implanted Medical Devices in Secure Spaces
10:00 - Hiding Process Memory via Anti-Forensic Techniques
10:00 - Hacking the Supply Chain – The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices
10:00 - All You Ever Wanted to Know about the AMD Platform Security Processor and were Afraid to Emulate - Inside a Deeply Embedded Security Processor
10:00 - Defending Containers Like a Ninja: A Walk through the Advanced Security Features of Docker & Kubernetes
10:00 - Emulating Samsung's Baseband for Security Testing
11:00 - Detecting Fake 4G Base Stations in Real Time
11:00 - Decade of the RATs – Custom Chinese Linux Rootkits for Everyone
11:00 - Engineering Empathy: Adapting Software Engineering Principles and Process to Security
11:00 - Repurposing Neural Networks to Generate Synthetic Media for Information Operations
11:00 - Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares
11:00 - Election Security: Securing America's Future
11:00 - Industrial Protocol Gateways Under Analysis
11:00 - Web Cache Entanglement: Novel Pathways to Poisoning
11:00 - An Unauthenticated Journey to Root: Pwning Your Company's Enterprise Software Servers
12:30 - Policy Implications of Faulty Cyber Risk Models and How to Fix Them
12:30 - We Went to Iowa and All We Got were These Felony Arrest Records
12:30 - Ruling StarCraft Game Spitefully -- Exploiting the Blind Spot of AI-Powered Game Bots
12:30 - Whispers Among the Stars: A Practical Look at Perpetrating (and Preventing) Satellite Eavesdropping Attacks
12:30 - iOS Kernel PAC, One Year Later
12:30 - Discovering Hidden Properties to Attack the Node.js Ecosystem
12:30 - Reverse Engineering the Tesla Battery Management System to increase Power Available
12:30 - Stopping Snake Oil with Smaller Healthcare Providers: Addressing Security with Actionable Plans and Maximum Value
12:30 - Demystifying Modern Windows Rootkits
13:30 - Uncommon Sense: Detecting Exploits with Novel Hardware Performance Counters and ML Magic
13:30 - Healthscare – An Insider's Biopsy of Healthcare Application Security
13:30 - The Devil's in the Dependency: Data-Driven Software Composition Analysis
13:30 - Building a Vulnerability Disclosure Program that Works for Election Vendors and Hackers
13:30 - Breaking Samsung's Root of Trust: Exploiting Samsung S10 Secure Boot
13:30 - NoJITsu: Locking Down JavaScript Engines
13:30 - FASTCash and INJX_Pure: How Threat Actors Use Public Standards for Financial Fraud
13:30 - OTRazor: Static Code Analysis for Vulnerability Discovery in Industrial Automation Scripts
13:30 - Reversing the Root: Identifying the Exploited Vulnerability in 0-days Used In-The-Wild
14:30 - Demigod: The Art of Emulating Kernel Rootkits
14:30 - Office Drama on macOS
14:30 - Hacking the Voter: Lessons from a Decade of Russian Military Operations
14:30 - Needing the DoH: The Ongoing Encryption and Centralization of DNS
14:30 - IoT Skimmer: Energy Market Manipulation through High-Wattage IoT Botnets
14:30 - Practical Defenses Against Adversarial Machine Learning
14:30 - Stealthily Access Your Android Phones: Bypass the Bluetooth Authentication
14:30 - Superman Powered by Kryptonite: Turn the Adversarial Attack into Your Defense Weapon
14:30 - When TLS Hacks You
15:30 - Locknote: Conclusions and Key Takeaways from Day 1

Thursday, Aug. 6, 2020

09:00 - Hacking Public Opinion
10:00 - Making an Impact from India to the Rest of the World by Building and Nurturing Women Infosec Community
10:00 - Escaping Virtualized Containers
10:00 - How I Created My Clone Using AI - Next-Gen Social Engineering
10:00 - EtherOops: Exploring Practical Methods to Exploit Ethernet Packet-in-Packet Attacks
10:00 - Lamphone: Real-Time Passive Reconstruction of Speech Using Light Emitted from Lamps
10:00 - Fooling Windows through Superfetch
10:00 - Multiple Bugs in Multi-Party Computation: Breaking Cryptocurrency's Strongest Wallets
10:00 - Breaking VSM by Attacking SecureKernel
10:00 - Security Research on Mercedes-Benz: From Hardware to Car Control
11:00 - Plundervolt: Flipping Bits from Software without Rowhammer
11:00 - IMP4GT: IMPersonation Attacks in 4G NeTworks
11:00 - Portable Document Flaws 101
11:00 - I calc'd Calc - Exploiting Excel Online
11:00 - Building Cyber Security Strategies for Emerging Industries in Sub Saharan Africa
11:00 - Detecting Access Token Manipulation
11:00 - A Framework for Evaluating and Patching the Human Factor in Cybersecurity
11:00 - Spectra: Breaking Separation Between Wireless Chips
11:00 - A Decade After Stuxnet's Printer Vulnerability: Printing is Still the Stairway to Heaven
12:30 - Heroku Abuse Operations: Hunting Wolves in Sheep's Clothing
12:30 - Breaking Brains, Solving Problems: Lessons Learned from Two Years of Setting Puzzles and Riddles for InfoSec Professionals
12:30 - Kr00k: Serious Vulnerability Affected Encryption of Billion+ Wi-Fi Devices
12:30 - A Little Less Speculation, a Little More Action: A Deep Dive into Fuchsia's Mitigations for Specific CPU Side-Channel Attacks
12:30 - Hunting Invisible Salamanders: Cryptographic (in)Security with Attacker-Controlled Keys
12:30 - EdTech- The Ultimate APT
12:30 - Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
12:30 - When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security
12:30 - About Directed Fuzzing and Use-After-Free: How to Find Complex & Silent Bugs?
13:30 - My Cloud is APT's Cloud: Investigating and Defending Office 365
13:30 - Remote Timing Attacks on TPMs, AKA TPM-Fail
13:30 - Experimenting with Real-Time Event Feeds
13:30 - Dive into Apple IO80211FamilyV2
13:30 - Routopsy: Modern Routing Protocol Vulnerability Analysis and Exploitation
13:30 - Exploiting Kernel Races through Taming Thread Interleaving
13:30 - The Dark Side of the Cloud - How a Lack of EMR Security Controls Helped Amplify the Opioid Crisis
13:30 - Improving Mental Models of End-to-End Encrypted Communication
13:30 - Black-Box Laser Fault Injection on a Secure Memory
14:30 - Operation Chimera - APT Operation Targets Semiconductor Vendors
14:30 - Beyond Root: Custom Firmware for Embedded Mobile Chipsets
14:30 - Virtually Private Networks
14:30 - The Paramedic's Guide to Surviving Cybersecurity
14:30 - You have No Idea Who Sent that Email: 18 Attacks on Email Sender Authentication
14:30 - Lateral Movement and Privilege Escalation in GCP; Compromise any Organization without Dropping an Implant
14:30 - Mind Games: Using Data to Solve for the Human Element
14:30 - A Hacker's Guide to Reducing Side-Channel Attack Surfaces Using Deep-Learning
14:30 - TiYunZong: An Exploit Chain to Remotely Root Modern Android Devices - Pwn Android Phones from 2015 to 2020
15:30 - Locknote: Conclusions and Key Takeaways from Day 2

Presenters