کنفرانس Black Hat Asia ، امسال 9 تا 12 مه ، 19 تا 22 اردیبهشت، در سنگاپور برگزار شد.
ارائه ها در دو روز بود و در کنار اون ، موارد دیگه ای مانند برنامه های آموزشی و ورکشاپ هم برگزار شد.
لیست ارائه هایی که امسال در این کنفرانس بودن:
- Xiaosheng Tan: Keynote – Preparing the Long Journey for Data Security
- Simon Scannell, Valentina Palmiotti , Juan José López : Alice in Kernel Land: Lessons Learned From the eBPF Rabbit Hole
- Rohan Aggarwal :Bypassing Anti-Cheats & Hacking Competitive Games
- Guangdong Bai, Qing Zhang : Revisiting Stealthy Sensitive Information Collection from Android Apps
- Lorin Wu, Porot Mo: When Knowledge Graph Meets TTPs: Highly Automated and Adaptive Executable TTP Intelligence for Security Evaluation
- Luyi Xing: Dilemma in IoT Access Control: Revealing Novel Attacks and Design Challenges in Mobile-as-a-Gateway IoT
- Yue-Tien Chen, Zih-Cing Liao : Operation Clairvoyance: How APT Groups Spy on the Media Industry
- Paul Gerste : Stealing With Style: Using CSS to Exploit ProtonMail & Friends
- Yong Wang: Two Bugs With One PoC: Rooting Pixel 6 From Android 12 to Android 13
- Fyodor Yarochkin, Zhengyu Dong : Behind the Scenes: How Criminal Enterprises Pre-infect Millions of Mobile Devices
- Dimitrios Valsamaras: Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors
- Seungjoon Lee, Kwonyoup Kim: Grand Theft House: RF Lock Pick Tool to Unlock Smart Door Lock
- Mikhail Shcherbakov : Prototype Pollution Leads to RCE: Gadgets Everywhere
- Gerardo Fernandez Navarrete : Deception at Scale: How Malware Abuses Trust
- Dagmawi Mulugeta: Insider Threats Packing Their Bags With Corporate Data
- Zitai Chen : PMFault: Voltage Fault Injection on Server Platforms Through the PMBus
- Gabriel Landau: PPLdump Is Dead. Long Live PPLdump!
- Vlad Babkin: firmWar: An Imminent Threat to the Foundation of Computing
- Linus Kvarnhammar : Hacked on National Television
- Antoine Vastel, Konstantina Kontoudi: Leveraging Streaming-Based Outlier Detection and SliceLine to Stop Heavily Distributed Bot Attacks
- Jos Wetzels: Nakatomi Space: Lateral Movement as L1 Post-exploitation in OT
- Fyodor Yarochkin: Forward Focus – The Impact of Artificial Intelligence
- Yoav Alon , Tzah Pahima: Breaking Managed Data Services in the Cloud
- Koh Nakagawa: Dirty Bin Cache: A New Code Injection Poisoning Binary Translation Cache
- Chrisando Ryan Pardomuan Siahaan: E-Meet (or Emit?) My Keystrokes: How Benign Screen-sharing Meetings Could Leak Typing Behaviors
- Mathy Vanhoef, Domien Schepers: Sweet Dreams: Abusing Sleep Mode to Break Wi-Fi Encryption and Disrupt WPA2/3 Networks
- Sandro Pinto, Cristiano Rodrigues: Hand Me Your SECRET, MCU! Microarchitectural Timing Attacks on Microcontrollers are Practical
- Ziling Chen, Nan Wang: New Wine in an Old Bottle: Attacking Chrome WebSQL
- Sarah Young: Security Advocacy Shouldn’t Be for Security Professionals: An Analysis of How the Industry Misses the Mark and How We Can Improve
- Imran Saleem: Weaponizing Mobile Infrastructure: Are Politically Motivated Cyber Attacks a Threat to Democracy?
- Nestori Syynimaa, Sravan Akkaram :Abusing Azure Active Directory: From MFA Bypass to Listing Global Administrators
- Xu Yuanzhen :A New Attack Interface in Java Applications
- Karel Dhondt, Victor Le Pochat: A Run a Day Won’t Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks
- Chiachih Wu, SYuan-Tsung Lo : Fuzzing the Native NTFS Read-Write Driver (NTFS3) in the Linux Kernel
- Zong Cao, Zheng Wang: Attacking the WebAssembly Compiler of WebKit
- Rohit Sehgal : Engaging the Next Generation of Cybersecurity Professionals: The Power of Security Zines
- Xiang Li : Phoenix Domain Attack: Vulnerable Links in Domain Name Delegation and Revocation
- John Uhlmann: You Can Run, but You Can’t Hide – Finding the Footprints of Hidden Shellcode
- Yakir Kadkoda, Ilay Goldman: Breaking the Chain: An Attacker’s Perspective on Supply Chain Vulnerabilities and Flaws
- Roni Gavrilov : Cloudy With a Chance of Exploits: Compromising Critical Infrastructure Through IIoT Cloud Solutions
- Neil Wyler,Bart Stump :The Black Hat Asia NOC Report
- Alex Matrosov,Richard Hughes, Kai Michaelis: The Various Shades of Supply Chain: SBOM, N-Days and Zero Trust
- Gaurav Keerthi: Fireside Chat: Jeff Moss and Gaurav Keerthi
برای دسترسی به ارائه ها میتونید از سایت خود کنفرانس یا بصورت یکجا از گیتهابمون اقدام کنید.
نکته: تقریبا 10 مورد از ارائه ها، اسلایدشون منتشر نشده ، در صورتیکه پابلیک بشه، اضافه میشه.