Black Hat USA 2021
took place July 31, 2021 through Aug. 5, 2021 (4 years ago) at Mandalay Bay in Las Vegas, Nevada, USA.
Presentations
Wednesday, Aug. 4, 2021
Thursday, Aug. 5, 2021
-
09:00 - Keynote: Hacking the Cybersecurity Puzzle
-
10:20 - A Hole in the Tube: Uncovering Vulnerabilities in Critical Infrastructure of Healthcare Facilities
-
10:20 - Reverse Engineering the M1
-
10:20 - Breaking Secure Bootloaders
-
10:20 - Crashing Your Way to Medium-IL: Exploiting the PDB Parser for Privilege Escalation
-
10:20 - Disinformation At Scale: Using GPT-3 Maliciously for Information Operations
-
10:20 - Can You Roll Your Own SIEM?
-
10:20 - The Devil is in the GAN: Defending Deep Generative Models Against Adversarial Attacks
-
10:20 - Greybox Program Synthesis: A New Approach to Attack Dataflow Obfuscation
-
10:20 - Come to the Dark Side, We Have Apples: Turning macOS Management Evil
-
10:20 - 5G IMSI Catchers Mirage
-
10:20 - Chip Chop - Smashing the Mobile Phone Secure Chip for Fun and Digital Forensics
-
10:20 - FragAttacks: Breaking Wi-Fi through Fragmentation and Aggregation
-
10:20 - Turing in a Box: Applying Artificial Intelligence as a Service to Targeted Phishing and Defending Against AI Generated Attacks
-
11:20 - Action Bias and the Two Most Dangerous Words in Cybersecurity
-
11:20 - HPE iLO5 Firmware Security - Go Home Cryptoprocessor, You're Drunk!
-
11:20 - Sleight of ARM: Demystifying Intel Houdini
-
11:20 - The Ripple Effect: Building a Diverse Security Research Team
-
11:20 - Hacking a Capsule Hotel - Ghost in the Bedrooms
-
11:20 - Symbexcel: Bringing the Power of Symbolic Execution to the Fight Against Malicious Excel 4 Macros
-
11:20 - Baby Sharks: Small-Subgroup Attacks to Disrupt Large Distributed Systems
-
11:20 - I'm a Hacker Get Me Out of Here! Breaking Network Segregation Using Esoteric Command & Control Channels
-
11:20 - With Friends Like eBPF, Who Needs Enemies?
-
11:20 - The Unbelievable Insecurity of the Big Data Stack: An Offensive Approach to Analyzing Huge and Complex Big Data Infrastructures
-
13:30 - Small Wonder: Uncovering Planned Obsolescence Practices in Robotics and What This Means for Cybersecurity
-
13:30 - Securing Open Source Software - End-to-End, at Massive Scale, Together
-
13:30 - Everything has Changed in iOS 14, but Jailbreak is Eternal
-
13:30 - Certified Pre-Owned: Abusing Active Directory Certificate Services
-
13:30 - Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild
-
13:30 - Windows Heap-backed Pool: The Good, the Bad, and the Encoded
-
13:30 - A Broken Chain: Discovering OPC UA Attack Surface and Exploiting the Supply Chain
-
13:30 - HTTP/2: The Sequel is Always Worse
-
14:30 - Exploiting Windows COM/WinRT Services
-
14:30 - Internal Affairs: Hacking File System Access from the Web
-
14:30 - Fixing a Memory Forensics Blind Spot: Linux Kernel Tracing
-
14:30 - Can You Hear Me Now? Remote Eavesdropping Vulnerabilities in Mobile Messaging Applications
-
14:30 - A Survivor-Centric, Trauma-Informed Approach to Stalkerware
-
14:30 - Bam the BAM - Electromagnetic Fault Injection & Automotive Systems
-
14:30 - Government-Mandated Front Doors?: A Global Assessment of Legalized Government Access to Data
-
14:30 - Demystify AI Security Products With a Universal Pluggable XAI Translator
-
14:30 - Generating YARA Rules by Classifying Malicious Byte Sequences
-
14:30 - Qualcomm WiFi: Infinity War
-
15:20 - PCIe Device Attacks: Beyond DMA. Exploiting PCIe Switches, Messages and Errors
-
15:20 - Alcatraz: A Practical Hypervisor Sandbox to Prevent Escapes from the KVM/QEMU and KVM-Based MicroVMs
-
15:20 - CnCHunter: An MITM-Approach to Identify Live CnC Servers
-
15:20 - Arm'd and Dangerous
-
15:20 - Back in Black Hat: The 7th Annual Black Hat USA NOC Report
-
15:20 - Over the Air Baseband Exploit: Gaining Remote Code Execution on 5G Smartphones
-
15:20 - ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!
-
16:20 - Keynote: Secretary Alejandro Mayorkas