Black Hat Briefings is a computer security conference that brings together a variety of people interested in information security. Representatives of government agencies and corporations attend, along with hackers. The Briefings take place regularly in Las Vegas, Barcelona, Amsterdam, Abu Dhabi and, occasionally, Tokyo. An event dedicated to the US federal agencies is organized in Washington, D.C.

Wikipedia
Black Hat
Black Hat
YouTube Video
  • Ryan Permeh, Founder and Chief Scientist of Cylance®, examines the redemptive role of artificial intelligence (AI) in a beleaguered cybersecurity industry. AI can address the security personnel shortage and outpace rising malware attacks – but like any tool it must be used properly. Only great AI delivers great results. Learn More: https://www.blackhat.com/us-18/execinterview-cylance.html

Black Hat
Black Hat
YouTube Video
  • In this presentation, one vulnerability in CSFB (Circuit Switched Fallback) in 4G LTE network is introduced. In the CSFB procedure, we found the authentication step is missing. The result is that an attacker can hijack the victim's communication. We named this attack as 'Ghost Telephonist.' Several exploitations can be made based on this vulnerability. When the call or SMS is not encrypted, or wea...

Black Hat
Black Hat
YouTube Video
  • MEMS sensors, such as accelerometers and gyroscopes, play non-substitutive roles in modern smart devices. A vulnerability has been revealed that the inside sensing elements will resonate when imposed acoustic wave at the certain frequencies, thus yielding spoiled data. By Zhengbo Wang & Wang Kang & Bo Yang & Shangyuan LI & Aimin Pan Full Abstract & Presentation Materials: https://www.blackhat.c...

Black Hat
Black Hat
YouTube Video
  • In this presentation, one vulnerability in CSFB (Circuit Switched Fallback) in 4G LTE network is introduced. In the CSFB procedure, we found the authentication step is missing. The result is that an attacker can hijack the victim's communication. We named this attack as 'Ghost Telephonist.' Several exploitations can be made based on this vulnerability. When the call or SMS is not encrypted, or wea...

Black Hat
Black Hat
YouTube Video
  • MEMS sensors, such as accelerometers and gyroscopes, play non-substitutive roles in modern smart devices. A vulnerability has been revealed that the inside sensing elements will resonate when imposed acoustic wave at the certain frequencies, thus yielding spoiled data. By Zhengbo Wang & Wang Kang & Bo Yang & Shangyuan LI & Aimin Pan Full Abstract & Presentation Materials: https://www.blackhat.c...

Black Hat
Black Hat
YouTube Video
  • Signatures are dead! We need to focus on machine learning, artificial intelligence, math models, lions, tigers and bears, Oh My!! - STOP!! - How many times have we heard all these buzzwords at conferences, or our managers saying that solution X will solve all our problems. I don't know about you, but I was tired of listening to the hype and the over-use of these terms that really made no sense. B...

Black Hat
Black Hat
YouTube Video
  • In recent years, the emerging Internet-of-Things (IoT) has led to rising concerns about the security of networked embedded devices. In this work, we focus on the adaptation of honeypots for improving the security of IoTs, and argue why we need to have a huge innovation to build honeypot for IoT devices. By Tongbo Luo, Zhaoyan Xu, Xin Ouyang & Xing Jin Full Abstract & Presentation Materials: htt...

Black Hat
Black Hat
YouTube Video
  • In this presentation, we describe and demonstrate a novel technique for exfiltrating data from highly secure enterprises whose endpoints have no direct Internet connection, or whose endpoints' connection to the Internet is restricted to hosts used by their legitimately installed software. Assuming the endpoint has a cloud-enhanced antivirus product installed, we show that if the anti-virus product...

Black Hat
Black Hat
YouTube Video
  • Every modern computer system based on Intel architecture has Intel Management Engine (ME) - a built-in subsystem with a wide array of powerful capabilities (such as full access to operating memory, out-of-band access to a network interface, running independently of CPU even when it is in a shutdown state, etc.). During this talk we will discuss methods of remote pwning of almost every Intel based ...

Black Hat
Black Hat
YouTube Video
  • How often does someone find your secret bugs? The Vulnerability Equities Process (VEP) helps determine if a software vulnerability known to the U.S. government will be disclosed or kept secret. A key part of that calculation is the likelihood that some other party may have found the same vulnerability. By Jason Healey, Katie Moussouris, Kim Zetter, Lillian Ablon & Trey Herr Full Abstract & Pres...

Black Hat
Black Hat
YouTube Video
  • It's the 20th Black Hat, and it's been a wild ride from 1997 to 2017. So, what will happen over the NEXT 20 years? Let's ask Mikko. In this talk he will outlane the changing landscape of computer security and what are likely to be the most important upcoming developments. By understanding attackers and their motives, we can best protect our computers. And in the future, there's much more to protec...

Black Hat
Black Hat
YouTube Video
  • In this talk I will describe how I used an exploit chain to defeat the new Samsung KNOX with zero privilege (exploit chain can be executed by any untrusted application), including KASLR bypassing, DFI bypassing, SELinux fully bypassing and privilege escalation. All details of vulnerabilities and mitigation bypassing techniques will be given during the presentation. By Di Shen Full Abstract & Pr...

Black Hat
Black Hat
YouTube Video
  • iCloud Keychain employs end-to-end encryption to synchronise secrets across devices enrolled in iCloud. We discovered a critical cryptographic implementation flaw which would have allowed sophisticated attackers with privileged access to iCloud communications to man-in-the-middle iCloud Keychain Sync and gain plaintext access to iCloud Keychain secrets. By Alex Radocea Full Abstract & Materials:...

Black Hat
Black Hat
YouTube Video
  • The abundance of memory corruption and disclosure vulnerabilities in kernel code necessitates the deployment of hardening techniques to prevent privilege escalation attacks. As more strict memory isolation mechanisms between the kernel and user space, like Intel's SMEP, become commonplace, attackers increasingly rely on code reuse techniques to exploit kernel vulnerabilities. By Marios Pomonis ...

Black Hat
Black Hat
YouTube Video
  • Cyber threats are intensifying dramatically, with growing global concerns about attacks on critical infrastructure, as well as political parties and electoral systems. In this video, FireEye’s Chief Security Architect, Christopher Glyer shares his frontline experience dealing with advanced threat actors from around the globe and how organizations can combat against these emerging threats. Video H...

Black Hat
Black Hat
YouTube Video
  • Wind farms are becoming a leading source for renewable energy. The increased reliance on wind energy makes wind farm control systems attractive targets for attackers. This talk explains how wind farm control networks work and how they can be attacked in order to negatively influence wind farm operations (e.g., wind turbine hijacking). By Jason Staggs Full Abstract & Presentation Materials: htt...

Black Hat
Black Hat
YouTube Video
  • PEIMA: Harnessing Power Laws to Detect Malicious Activities from Denial of Service to Intrusion Detection, Traffic Analysis, and Beyond Distributed denial of service attacks (DDoS) are a constant problem for network operators today. Thanks to low cost of entry, high effectiveness, and the difficulty present in filtering out such attacks from inbound network traffic, DDoS attacks are relatively co...

Black Hat
Black Hat
YouTube Video
  • Most organisations want to monitor wireless devices within their environment, but, with a growing number of disparate low cost wireless technologies appearing on the market, the scale of this task can be unmanageable. By Michael Ossmann & Dominic Spill Full Abstract & Presentation Materials: https://www.blackhat.com/us-17/briefings.html#whats-on-the-wireless-automating-rf-signal-identification

Black Hat
Black Hat
YouTube Video
  • Are nightmares of data breaches and targeted attacks keeping your CISO up at night? You know you should be hunting for these threats, but where do you start? Told in the style of the popular children's story spoof, this soothing bedtime tale will lead Li'l Threat Hunters through the first five hunts they should do to find bad guys and, ultimately, help their CISOs "Go the F*#k to Sleep." By David...

Black Hat
Black Hat
YouTube Video
  • In this session, I will examine traditional game theory and propose why behavioral game theory should take its place in the philosophy of defense. Next, I'll review the first principles of game theory, through the lens of behavioral game theory, which empirically measures how humans actually behave in games, rather than assumes they will behave coldly rational. By Kelly Shortridge Full Abstract ...

Black Hat
Black Hat
YouTube Video
  • The presentation starts with the introduction of Hourglass Model 2.0, a research framework allowing researchers with limited access to underground marketplace to further collect security intelligence leads that can be used for both threat prevention and mitigation plan development. By Anna Chung Full Abstract & Presentation Materials: https://www.blackhat.com/asia-18/briefings.html#hourglass-mod...

Black Hat
Black Hat
YouTube Video
  • In this talk, we will disclose four recent campaigns conducted by the groups. These campaign targeted banks in South Korea and EMEA, an ATM company and several Bitcoin exchanges service provider. We will introduce the malware, vulnerabilities, IOC, and attack vectors discovered in these attacks. By Chi-en (Ashley) Shen, Kyoung-ju Kwak & Min-Chang Jang Full Abstract & Presentation Materials: http...

Black Hat
Black Hat
YouTube Video
  • Millions of networks are relying on Windows authentication protocols to secure their logins, and consequently, their network's integrity. In this talk, we will show a surprising chosen-plaintext attack exploiting a logical vulnerability in one of Windows' more common protocols. By Eyal Karni & Yaron Zinar & Roman Blachman Full Abstract & Presentation Materials: https://www.blackhat.com/asia-18/b...

Black Hat
Black Hat
YouTube Video
  • Black Hat Asia 2018 Day 2 Keynote: A Short Course in Cyber Warfare presented by The Grugq Cyber is a new dimension in conflict which is still not fully theorized or conceptualized. Not that that is stopping anybody. Critically, cyber is the third new dimension in war in the last century, and the only one where the great powers are openly engaged in active conflict. Here we have an opportunity to...

Black Hat
Black Hat
YouTube Video
  • Black Hat Asia 2018 Day 1 Keynote Bill Woodcock addresses past and current efforts to curtail nation-state cyber-attacks on the private-sector core infrastructure of the Internet. From the live fire cyber exercises of the dot-com era and the US-China-Russia cyber-conflicts and United Nations “Group of Government Experts" of the subsequent decade to the current effort of the Global Commission on t...

Black Hat
Black Hat
YouTube Video
  • The connected landscape enables organizations to innovate but also increases their risk exposure. Todd Waskelis, AVP of AT&T Cybersecurity Solutions, reveals the disconnect between business and security while highlighting the importance of a layered defense. Let AT&T help accelerate and protect your digital transformation with security expertise and data insights. Video Highlight...

Black Hat
Black Hat
YouTube Video
  • 2016 was the year of Java deserialization apocalypse. Although Java Deserialization attacks were known for years, the publication of the Apache Commons Collection Remote Code Execution (RCE from now on) gadget finally brought this forgotten vulnerability to the spotlight and motivated the community to start finding and fixing these issues. by Alvaro Muñoz & Oleksandr Mirosh Full Abstract & Pre...

Black Hat
Black Hat
YouTube Video
  • In this talk we show how to detect and abuse logical flaws in implementations of this handshake.Our goal is not to detect common programming errors such as buffer overflows or double frees, but to detect logical vulnerabilities. By Mathy Vanhoef Full Abstract & Presentation Materials: https://www.blackhat.com/us-17/briefings.html#wifuzz-detecting-and-exploiting-logical-flaws-in-the-wi-fi-crypto...

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

By signing up, you agree to the Terms of Service and Privacy Policy.

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in

By signing up, you agree to the Terms of Service and Privacy Policy.