Black Hat USA 2021
took place July 31, 2021 through Aug. 5, 2021 (2 years, 4 months ago)
at Mandalay Bay in Las Vegas, Nevada, USA.
Presentations
Wednesday, Aug. 4, 2021
Thursday, Aug. 5, 2021
-
09:00 - Keynote: Hacking the Cybersecurity Puzzle
-
10:20 - Greybox Program Synthesis: A New Approach to Attack Dataflow Obfuscation
-
10:20 - FragAttacks: Breaking Wi-Fi through Fragmentation and Aggregation
-
10:20 - Breaking Secure Bootloaders
-
10:20 - Turing in a Box: Applying Artificial Intelligence as a Service to Targeted Phishing and Defending Against AI Generated Attacks
-
10:20 - Come to the Dark Side, We Have Apples: Turning macOS Management Evil
-
10:20 - 5G IMSI Catchers Mirage
-
10:20 - Chip Chop - Smashing the Mobile Phone Secure Chip for Fun and Digital Forensics
-
10:20 - The Devil is in the GAN: Defending Deep Generative Models Against Adversarial Attacks
-
10:20 - Disinformation At Scale: Using GPT-3 Maliciously for Information Operations
-
10:20 - Can You Roll Your Own SIEM?
-
10:20 - Reverse Engineering the M1
-
10:20 - Crashing Your Way to Medium-IL: Exploiting the PDB Parser for Privilege Escalation
-
10:20 - A Hole in the Tube: Uncovering Vulnerabilities in Critical Infrastructure of Healthcare Facilities
-
11:20 - Baby Sharks: Small-Subgroup Attacks to Disrupt Large Distributed Systems
-
11:20 - With Friends Like eBPF, Who Needs Enemies?
-
11:20 - The Unbelievable Insecurity of the Big Data Stack: An Offensive Approach to Analyzing Huge and Complex Big Data Infrastructures
-
11:20 - I'm a Hacker Get Me Out of Here! Breaking Network Segregation Using Esoteric Command & Control Channels
-
11:20 - HPE iLO5 Firmware Security - Go Home Cryptoprocessor, You're Drunk!
-
11:20 - Action Bias and the Two Most Dangerous Words in Cybersecurity
-
11:20 - Sleight of ARM: Demystifying Intel Houdini
-
11:20 - Symbexcel: Bringing the Power of Symbolic Execution to the Fight Against Malicious Excel 4 Macros
-
11:20 - Hacking a Capsule Hotel - Ghost in the Bedrooms
-
11:20 - The Ripple Effect: Building a Diverse Security Research Team
-
13:30 - Windows Heap-backed Pool: The Good, the Bad, and the Encoded
-
13:30 - HTTP/2: The Sequel is Always Worse
-
13:30 - Cloudy with a Chance of APT: Novel Microsoft 365 Attacks in the Wild
-
13:30 - Everything has Changed in iOS 14, but Jailbreak is Eternal
-
13:30 - Securing Open Source Software - End-to-End, at Massive Scale, Together
-
13:30 - Small Wonder: Uncovering Planned Obsolescence Practices in Robotics and What This Means for Cybersecurity
-
13:30 - A Broken Chain: Discovering OPC UA Attack Surface and Exploiting the Supply Chain
-
13:30 - Certified Pre-Owned: Abusing Active Directory Certificate Services
-
14:30 - Generating YARA Rules by Classifying Malicious Byte Sequences
-
14:30 - Government-Mandated Front Doors?: A Global Assessment of Legalized Government Access to Data
-
14:30 - Exploiting Windows COM/WinRT Services
-
14:30 - Internal Affairs: Hacking File System Access from the Web
-
14:30 - Demystify AI Security Products With a Universal Pluggable XAI Translator
-
14:30 - Can You Hear Me Now? Remote Eavesdropping Vulnerabilities in Mobile Messaging Applications
-
14:30 - Fixing a Memory Forensics Blind Spot: Linux Kernel Tracing
-
14:30 - A Survivor-Centric, Trauma-Informed Approach to Stalkerware
-
14:30 - Qualcomm WiFi: Infinity War
-
14:30 - Bam the BAM - Electromagnetic Fault Injection & Automotive Systems
-
15:20 - Alcatraz: A Practical Hypervisor Sandbox to Prevent Escapes from the KVM/QEMU and KVM-Based MicroVMs
-
15:20 - Back in Black Hat: The 7th Annual Black Hat USA NOC Report
-
15:20 - Over the Air Baseband Exploit: Gaining Remote Code Execution on 5G Smartphones
-
15:20 - ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!
-
15:20 - CnCHunter: An MITM-Approach to Identify Live CnC Servers
-
15:20 - PCIe Device Attacks: Beyond DMA. Exploiting PCIe Switches, Messages and Errors
-
15:20 - Arm'd and Dangerous
-
16:20 - Keynote: Secretary Alejandro Mayorkas