InfoconDB

Support
About

InfoconDB
Black Hat
Black Hat USA 2020

Black Hat USA 2020

Virtual

Black Hat USA 2020 took place Aug. 1, 2020 through Aug. 6, 2020 (4 years, 2 months ago).

https://www.blackhat.com/us-20/
https://infocon.org/cons/Black Hat/Black Hat USA/Black Hat USA 2020/

Presentations

Wednesday, Aug. 5, 2020

09:00 - Stress-Testing Democracy: Election Integrity During a Global Pandemic
10:00 - CloudLeak: DNN Model Extractions from Commercial MLaaS Platforms
10:00 - Room for Escape: Scribbling Outside the Lines of Template Security
10:00 - HTTP Request Smuggling in 2020 – New Variants, New Defenses and New Challenges
10:00 - Carrying our Insecurities with Us: The Risks of Implanted Medical Devices in Secure Spaces
10:00 - Hiding Process Memory via Anti-Forensic Techniques
10:00 - Hacking the Supply Chain – The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices
10:00 - All You Ever Wanted to Know about the AMD Platform Security Processor and were Afraid to Emulate - Inside a Deeply Embedded Security Processor
10:00 - Defending Containers Like a Ninja: A Walk through the Advanced Security Features of Docker & Kubernetes
10:00 - Emulating Samsung's Baseband for Security Testing
11:00 - Detecting Fake 4G Base Stations in Real Time
11:00 - Decade of the RATs – Custom Chinese Linux Rootkits for Everyone
11:00 - Engineering Empathy: Adapting Software Engineering Principles and Process to Security
11:00 - Repurposing Neural Networks to Generate Synthetic Media for Information Operations
11:00 - Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares
11:00 - Election Security: Securing America's Future
11:00 - Industrial Protocol Gateways Under Analysis
11:00 - Web Cache Entanglement: Novel Pathways to Poisoning
11:00 - An Unauthenticated Journey to Root: Pwning Your Company's Enterprise Software Servers
12:30 - Policy Implications of Faulty Cyber Risk Models and How to Fix Them
12:30 - We Went to Iowa and All We Got were These Felony Arrest Records
12:30 - Ruling StarCraft Game Spitefully -- Exploiting the Blind Spot of AI-Powered Game Bots
12:30 - Whispers Among the Stars: A Practical Look at Perpetrating (and Preventing) Satellite Eavesdropping Attacks
12:30 - iOS Kernel PAC, One Year Later
12:30 - Discovering Hidden Properties to Attack the Node.js Ecosystem
12:30 - Reverse Engineering the Tesla Battery Management System to increase Power Available
12:30 - Stopping Snake Oil with Smaller Healthcare Providers: Addressing Security with Actionable Plans and Maximum Value
12:30 - Demystifying Modern Windows Rootkits
13:30 - Uncommon Sense: Detecting Exploits with Novel Hardware Performance Counters and ML Magic
13:30 - Healthscare – An Insider's Biopsy of Healthcare Application Security
13:30 - The Devil's in the Dependency: Data-Driven Software Composition Analysis
13:30 - Building a Vulnerability Disclosure Program that Works for Election Vendors and Hackers
13:30 - Breaking Samsung's Root of Trust: Exploiting Samsung S10 Secure Boot
13:30 - NoJITsu: Locking Down JavaScript Engines
13:30 - FASTCash and INJX_Pure: How Threat Actors Use Public Standards for Financial Fraud
13:30 - OTRazor: Static Code Analysis for Vulnerability Discovery in Industrial Automation Scripts
13:30 - Reversing the Root: Identifying the Exploited Vulnerability in 0-days Used In-The-Wild
14:30 - Demigod: The Art of Emulating Kernel Rootkits
14:30 - Office Drama on macOS
14:30 - Hacking the Voter: Lessons from a Decade of Russian Military Operations
14:30 - Needing the DoH: The Ongoing Encryption and Centralization of DNS
14:30 - IoT Skimmer: Energy Market Manipulation through High-Wattage IoT Botnets
14:30 - Practical Defenses Against Adversarial Machine Learning
14:30 - Stealthily Access Your Android Phones: Bypass the Bluetooth Authentication
14:30 - Superman Powered by Kryptonite: Turn the Adversarial Attack into Your Defense Weapon
14:30 - When TLS Hacks You
15:30 - Locknote: Conclusions and Key Takeaways from Day 1

Thursday, Aug. 6, 2020

09:00 - Hacking Public Opinion
10:00 - Making an Impact from India to the Rest of the World by Building and Nurturing Women Infosec Community
10:00 - Escaping Virtualized Containers
10:00 - How I Created My Clone Using AI - Next-Gen Social Engineering
10:00 - EtherOops: Exploring Practical Methods to Exploit Ethernet Packet-in-Packet Attacks
10:00 - Lamphone: Real-Time Passive Reconstruction of Speech Using Light Emitted from Lamps
10:00 - Fooling Windows through Superfetch
10:00 - Multiple Bugs in Multi-Party Computation: Breaking Cryptocurrency's Strongest Wallets
10:00 - Breaking VSM by Attacking SecureKernel
10:00 - Security Research on Mercedes-Benz: From Hardware to Car Control
11:00 - Plundervolt: Flipping Bits from Software without Rowhammer
11:00 - IMP4GT: IMPersonation Attacks in 4G NeTworks
11:00 - Portable Document Flaws 101
11:00 - I calc'd Calc - Exploiting Excel Online
11:00 - Building Cyber Security Strategies for Emerging Industries in Sub Saharan Africa
11:00 - Detecting Access Token Manipulation
11:00 - A Framework for Evaluating and Patching the Human Factor in Cybersecurity
11:00 - Spectra: Breaking Separation Between Wireless Chips
11:00 - A Decade After Stuxnet's Printer Vulnerability: Printing is Still the Stairway to Heaven
12:30 - Heroku Abuse Operations: Hunting Wolves in Sheep's Clothing
12:30 - Breaking Brains, Solving Problems: Lessons Learned from Two Years of Setting Puzzles and Riddles for InfoSec Professionals
12:30 - Kr00k: Serious Vulnerability Affected Encryption of Billion+ Wi-Fi Devices
12:30 - A Little Less Speculation, a Little More Action: A Deep Dive into Fuchsia's Mitigations for Specific CPU Side-Channel Attacks
12:30 - Hunting Invisible Salamanders: Cryptographic (in)Security with Attacker-Controlled Keys
12:30 - EdTech- The Ultimate APT
12:30 - Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities
12:30 - When Lightning Strikes Thrice: Breaking Thunderbolt 3 Security
12:30 - About Directed Fuzzing and Use-After-Free: How to Find Complex & Silent Bugs?
13:30 - My Cloud is APT's Cloud: Investigating and Defending Office 365
13:30 - Remote Timing Attacks on TPMs, AKA TPM-Fail
13:30 - Experimenting with Real-Time Event Feeds
13:30 - Dive into Apple IO80211FamilyV2
13:30 - Routopsy: Modern Routing Protocol Vulnerability Analysis and Exploitation
13:30 - Exploiting Kernel Races through Taming Thread Interleaving
13:30 - The Dark Side of the Cloud - How a Lack of EMR Security Controls Helped Amplify the Opioid Crisis
13:30 - Improving Mental Models of End-to-End Encrypted Communication
13:30 - Black-Box Laser Fault Injection on a Secure Memory
14:30 - Operation Chimera - APT Operation Targets Semiconductor Vendors
14:30 - Beyond Root: Custom Firmware for Embedded Mobile Chipsets
14:30 - Virtually Private Networks
14:30 - The Paramedic's Guide to Surviving Cybersecurity
14:30 - You have No Idea Who Sent that Email: 18 Attacks on Email Sender Authentication
14:30 - Lateral Movement and Privilege Escalation in GCP; Compromise any Organization without Dropping an Implant
14:30 - Mind Games: Using Data to Solve for the Human Element
14:30 - A Hacker's Guide to Reducing Side-Channel Attack Surfaces Using Deep-Learning
14:30 - TiYunZong: An Exploit Chain to Remotely Root Modern Android Devices - Pwn Android Phones from 2015 to 2020
15:30 - Locknote: Conclusions and Key Takeaways from Day 2

Presenters