InfoconDB
Toggle navigation
Support
About
InfoconDB
Black Hat
Black Hat USA 2020
Black Hat USA 2020
Virtual
Black Hat USA 2020
took place Aug. 1, 2020 through Aug. 6, 2020 (4 years, 4 months ago).
https://www.blackhat.com/us-20/
https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2020/
Presentations
Wednesday, Aug. 5, 2020
09:00 -
Stress-Testing Democracy: Election Integrity During a Global Pandemic
10:00 -
CloudLeak: DNN Model Extractions from Commercial MLaaS Platforms
10:00 -
Room for Escape: Scribbling Outside the Lines of Template Security
10:00 -
HTTP Request Smuggling in 2020 – New Variants, New Defenses and New Challenges
10:00 -
Carrying our Insecurities with Us: The Risks of Implanted Medical Devices in Secure Spaces
10:00 -
Hiding Process Memory via Anti-Forensic Techniques
10:00 -
Hacking the Supply Chain – The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices
10:00 -
All You Ever Wanted to Know about the AMD Platform Security Processor and were Afraid to Emulate - Inside a Deeply Embedded Security Processor
10:00 -
Defending Containers Like a Ninja: A Walk through the Advanced Security Features of Docker & Kubernetes
10:00 -
Emulating Samsung's Baseband for Security Testing
11:00 -
Detecting Fake 4G Base Stations in Real Time
11:00 -
Decade of the RATs – Custom Chinese Linux Rootkits for Everyone
11:00 -
Engineering Empathy: Adapting Software Engineering Principles and Process to Security
11:00 -
Repurposing Neural Networks to Generate Synthetic Media for Information Operations
11:00 -
Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares
11:00 -
Election Security: Securing America's Future
11:00 -
Industrial Protocol Gateways Under Analysis
11:00 -
Web Cache Entanglement: Novel Pathways to Poisoning
11:00 -
An Unauthenticated Journey to Root: Pwning Your Company's Enterprise Software Servers
12:30 -
Policy Implications of Faulty Cyber Risk Models and How to Fix Them
12:30 -
We Went to Iowa and All We Got were These Felony Arrest Records
12:30 -
Ruling StarCraft Game Spitefully -- Exploiting the Blind Spot of AI-Powered Game Bots
12:30 -
Whispers Among the Stars: A Practical Look at Perpetrating (and Preventing) Satellite Eavesdropping Attacks
12:30 -
iOS Kernel PAC, One Year Later
12:30 -
Discovering Hidden Properties to Attack the Node.js Ecosystem
12:30 -
Reverse Engineering the Tesla Battery Management System to increase Power Available
12:30 -
Stopping Snake Oil with Smaller Healthcare Providers: Addressing Security with Actionable Plans and Maximum Value
12:30 -
Demystifying Modern Windows Rootkits
13:30 -
Uncommon Sense: Detecting Exploits with Novel Hardware Performance Counters and ML Magic
13:30 -
Healthscare – An Insider's Biopsy of Healthcare Application Security
13:30 -
The Devil's in the Dependency: Data-Driven Software Composition Analysis
13:30 -
Building a Vulnerability Disclosure Program that Works for Election Vendors and Hackers
13:30 -
Breaking Samsung's Root of Trust: Exploiting Samsung S10 Secure Boot
13:30 -
NoJITsu: Locking Down JavaScript Engines
13:30 -
FASTCash and INJX_Pure: How Threat Actors Use Public Standards for Financial Fraud
13:30 -
OTRazor: Static Code Analysis for Vulnerability Discovery in Industrial Automation Scripts
13:30 -
Reversing the Root: Identifying the Exploited Vulnerability in 0-days Used In-The-Wild
14:30 -
Demigod: The Art of Emulating Kernel Rootkits
14:30 -
Office Drama on macOS
14:30 -
Hacking the Voter: Lessons from a Decade of Russian Military Operations
14:30 -
Needing the DoH: The Ongoing Encryption and Centralization of DNS
14:30 -
IoT Skimmer: Energy Market Manipulation through High-Wattage IoT Botnets
14:30 -
Practical Defenses Against Adversarial Machine Learning
14:30 -
Stealthily Access Your Android Phones: Bypass the Bluetooth Authentication
14:30 -
Superman Powered by Kryptonite: Turn the Adversarial Attack into Your Defense Weapon
14:30 -
When TLS Hacks You
15:30 -
Locknote: Conclusions and Key Takeaways from Day 1
Thursday, Aug. 6, 2020
09:00 -
Hacking Public Opinion
10:00 -
Making an Impact from India to the Rest of the World by Building and Nurturing Women Infosec Community
10:00 -
Escaping Virtualized Containers
10:00 -
How I Created My Clone Using AI - Next-Gen Social Engineering
10:00 -
EtherOops: Exploring Practical Methods to Exploit Ethernet Packet-in-Packet Attacks
10:00 -
Lamphone: Real-Time Passive Reconstruction of Speech Using Light Emitted from Lamps
10:00 -
Fooling Windows through Superfetch
10:00 -
Multiple Bugs in Multi-Party Computation: Breaking Cryptocurrency's Strongest Wallets
10:00 -
Breaking VSM by Attacking SecureKernel
10:00 -
Security Research on Mercedes-Benz: From Hardware to Car Control
11:00 -
Plundervolt: Flipping Bits from Software without Rowhammer
11:00 -
IMP4GT: IMPersonation Attacks in 4G NeTworks
11:00 -
Portable Document Flaws 101
11:00 -
I calc'd Calc - Exploiting Excel Online
11:00 -
Building Cyber Security Strategies for Emerging Industries in Sub Saharan Africa
11:00 -
Detecting Access Token Manipulation
11:00 -
A Framework for Evaluating and Patching the Human Factor in Cybersecurity
11:00 -
Spectra: Breaking Separation Between Wireless Chips
11:00 -
A Decade After Stuxnet's Printer Vulnerability: Printing is Still the Stairway to Heaven
12:30 -
Heroku Abuse Operations: Hunting Wolves in Sheep's Clothing
12:30 -
Breaking Brains, Solving Problems: Lessons Learned from Two Years of Setting Puzzles and Riddles for InfoSec Professionals
12:30 -
Kr00k: Serious Vulnerability Affected Encryption of Billion+ Wi-Fi Devices
12:30 -
A Little Less Speculation, a Little More Action: A Deep Dive into Fuchsia's Mitigations for Specific CPU Side-Channel Attacks
12:30 -
Hunting Invisible Salamanders: Cryptographic (in)Security with Attacker-Controlled Keys
12:30 -
EdTech- The Ultimate APT
12:30 -
Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
12:30 -
When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security
12:30 -
About Directed Fuzzing and Use-After-Free: How to Find Complex & Silent Bugs?
13:30 -
My Cloud is APT's Cloud: Investigating and Defending Office 365
13:30 -
Remote Timing Attacks on TPMs, AKA TPM-Fail
13:30 -
Experimenting with Real-Time Event Feeds
13:30 -
Dive into Apple IO80211FamilyV2
13:30 -
Routopsy: Modern Routing Protocol Vulnerability Analysis and Exploitation
13:30 -
Exploiting Kernel Races through Taming Thread Interleaving
13:30 -
The Dark Side of the Cloud - How a Lack of EMR Security Controls Helped Amplify the Opioid Crisis
13:30 -
Improving Mental Models of End-to-End Encrypted Communication
13:30 -
Black-Box Laser Fault Injection on a Secure Memory
14:30 -
Operation Chimera - APT Operation Targets Semiconductor Vendors
14:30 -
Beyond Root: Custom Firmware for Embedded Mobile Chipsets
14:30 -
Virtually Private Networks
14:30 -
The Paramedic's Guide to Surviving Cybersecurity
14:30 -
You have No Idea Who Sent that Email: 18 Attacks on Email Sender Authentication
14:30 -
Lateral Movement and Privilege Escalation in GCP; Compromise any Organization without Dropping an Implant
14:30 -
Mind Games: Using Data to Solve for the Human Element
14:30 -
A Hacker's Guide to Reducing Side-Channel Attack Surfaces Using Deep-Learning
14:30 -
TiYunZong: An Exploit Chain to Remotely Root Modern Android Devices - Pwn Android Phones from 2015 to 2020
15:30 -
Locknote: Conclusions and Key Takeaways from Day 2
Presenters
Aanchal Gupta
Alan Michaels
Alexander Eichner
Allan Stojanovic
Allison Donovan
Alvaro Muñoz
Amit Klein
Ariel Herbert-Voss
Ariel Schön
Baptiste David
Ben Nassi
Ben Seri
Benjamin Edwards
Bill Demirkapi
Björn Ruytenberg
Brandon Azad
Byoungyoung Lee
Camille Mackinnon
Changwoo Min
Charl van der Walt
Che-Yang Wu
Cheng-Yu Chao
Chris Eng
Chris Wlaschin
Christopher Krebs
Christopher Wade
Chung-Kuan Chen
Cooper Quintin
Craig Ingram
Daniel Cuthbert
Daniel Gruss
Daniel King
Daniel Moghimi
David Oswald
David Rupprecht
David Severski
Davide Quarta
Doug Bienstock
Dylan Ayrey
Eldridge Alexander
Elie Bursztein
Evelyn Kilel
Federico Maggi
Feng Xiao
Flavio Garcia
Francesco Gringoli
Frank Block
Frank Piessens
Gary Demercurio
Grant Hernandez
Gregory Vishnepolsky
Guang Gong
Guangliang Yang
Guofei Gu
Guy Harpak
Harini Kannan
Hong Hu
Honggang Yu
Hung Chi Su
Inndy Lin
Insu Yun
James Kettle /
albinowax
James Pavur
Jean-Philippe Aumasson
Jens Müller
Jiahao Li
Jian Jiang
Jianjun Chen
Jianwei Huang
Jimmy Su
Jiska Classen
Jo Van Bulck
Jose Morris
Josh Madeley
Joshua Maddux
Jungwon Lim
Justin Wynn
Kailiang Ying
Kevin Livelli
Kevin Perlow
Kit Murdock
Kymberlee Price
Laura Tich
Lee Foster
Maddie Stone
Manh-Dung Nguyen
Marcello Pogliani
Marco Balduzzi
Marina Krotofil
Marius Muench
Mark Kuhr
Masha Sedova
Mathilde Venault
Matt Blaze
Matt Wixey
Matthew Riley
Michelle Wolfe
Minrui Yan
Mitchell Parker
Moshe Kol
Natalie Silvanovich
Nate Beach-Westmoreland
Nick Gregory
Nicolas Joly
Oleksandr Mirosh
Olivier Hériveaux
Omer Akgul
Omer Shlomovits
Pablo Artuso
Patrick Kiley
Patrick Wardle
Paul Grubbs
Peleg Hadar
Philip Tully /
KingPhish3r
Quang Nguyen Hong
Quynh Nguyen Anh
Raheem Beyah
Renée DiResta
Rich Mogull
Robert Buhren
Robert Lipovsky
Rodrigo Rubira Branco
Ron Bitton
Saar Amar
Seth Fogie
Shang-De Jiang
Sheila Berta
Shlomi Oberman
Sourcell Xu
Spencer Cureton
Stefan Svorencik
Stefano Zanero
Szymon Ziolkowski
Sébastien Bardin
Taemin Park
Taesoo Kim
Tamaghna Basu
Tohid Shekari
Tomer Bar
Tongbo Luo
Tsung-Yi Ho
Tuan Do Minh
Tyron Kemp
Vandana Verma Sehgal
Vern Paxson
Veronica Kovah
Wade Baker
Wei Bai
Wenbo Guo
Wenke Lee
Wicus Ross
William Burgess
Xian Wu
Xin Xin
Xinyu Xing
Yichang Xiong
Yier Jin
Yonghwi Jin
Yoochan Lee
Yu Wang
Yuval Avrahami
Yvan Genuer