اسلایدهای کنفرانس Black Hat Asia 2023

زمان مطالعه: 3 دقیقه

کنفرانس Black Hat Asia ، امسال 9 تا 12 مه ، 19 تا 22 اردیبهشت، در سنگاپور برگزار شد.

ارائه ها در دو روز بود و در کنار اون ، موارد دیگه ای مانند برنامه های آموزشی و ورکشاپ هم برگزار شد.

لیست ارائه هایی که امسال در این کنفرانس بودن:

 

• Xiaosheng Tan: Keynote – Preparing the Long Journey for Data Security
• Simon Scannell, Valentina Palmiotti , Juan José López : Alice in Kernel Land: Lessons Learned From the eBPF Rabbit Hole
• Rohan Aggarwal :Bypassing Anti-Cheats & Hacking Competitive Games
• Guangdong Bai, Qing Zhang : Revisiting Stealthy Sensitive Information Collection from Android Apps
• Lorin Wu, Porot Mo: When Knowledge Graph Meets TTPs: Highly Automated and Adaptive Executable TTP Intelligence for Security Evaluation
• Luyi Xing: Dilemma in IoT Access Control: Revealing Novel Attacks and Design Challenges in Mobile-as-a-Gateway IoT
• Yue-Tien Chen, Zih-Cing Liao : Operation Clairvoyance: How APT Groups Spy on the Media Industry
• Paul Gerste : Stealing With Style: Using CSS to Exploit ProtonMail & Friends
• Yong Wang: Two Bugs With One PoC: Rooting Pixel 6 From Android 12 to Android 13
• Fyodor Yarochkin, Zhengyu Dong : Behind the Scenes: How Criminal Enterprises Pre-infect Millions of Mobile Devices
• Dimitrios Valsamaras: Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors
• Seungjoon Lee, Kwonyoup Kim: Grand Theft House: RF Lock Pick Tool to Unlock Smart Door Lock
• Mikhail Shcherbakov : Prototype Pollution Leads to RCE: Gadgets Everywhere
• Gerardo Fernandez Navarrete : Deception at Scale: How Malware Abuses Trust
• Dagmawi Mulugeta: Insider Threats Packing Their Bags With Corporate Data
• Zitai Chen : PMFault: Voltage Fault Injection on Server Platforms Through the PMBus
• Gabriel Landau: PPLdump Is Dead. Long Live PPLdump!
• Vlad Babkin: firmWar: An Imminent Threat to the Foundation of Computing
• Linus Kvarnhammar : Hacked on National Television
• Antoine Vastel, Konstantina Kontoudi: Leveraging Streaming-Based Outlier Detection and SliceLine to Stop Heavily Distributed Bot Attacks
• Jos Wetzels: Nakatomi Space: Lateral Movement as L1 Post-exploitation in OT
• Fyodor Yarochkin: Forward Focus – The Impact of Artificial Intelligence
• Yoav Alon , Tzah Pahima: Breaking Managed Data Services in the Cloud
• Koh Nakagawa: Dirty Bin Cache: A New Code Injection Poisoning Binary Translation Cache
• Chrisando Ryan Pardomuan Siahaan: E-Meet (or Emit?) My Keystrokes: How Benign Screen-sharing Meetings Could Leak Typing Behaviors
• Mathy Vanhoef, Domien Schepers: Sweet Dreams: Abusing Sleep Mode to Break Wi-Fi Encryption and Disrupt WPA2/3 Networks
• Sandro Pinto, Cristiano Rodrigues: Hand Me Your SECRET, MCU! Microarchitectural Timing Attacks on Microcontrollers are Practical
• Ziling Chen, Nan Wang: New Wine in an Old Bottle: Attacking Chrome WebSQL
• Sarah Young: Security Advocacy Shouldn’t Be for Security Professionals: An Analysis of How the Industry Misses the Mark and How We Can Improve
• Imran Saleem: Weaponizing Mobile Infrastructure: Are Politically Motivated Cyber Attacks a Threat to Democracy?
• Nestori Syynimaa, Sravan Akkaram :Abusing Azure Active Directory: From MFA Bypass to Listing Global Administrators
• Xu Yuanzhen :A New Attack Interface in Java Applications
• Karel Dhondt, Victor Le Pochat: A Run a Day Won’t Keep the Hacker Away: Inference Attacks on Endpoint Privacy Zones in Fitness Tracking Social Networks
• Chiachih Wu, SYuan-Tsung Lo : Fuzzing the Native NTFS Read-Write Driver (NTFS3) in the Linux Kernel
• Zong Cao, Zheng Wang: Attacking the WebAssembly Compiler of WebKit
• Rohit Sehgal : Engaging the Next Generation of Cybersecurity Professionals: The Power of Security Zines
• Xiang Li : Phoenix Domain Attack: Vulnerable Links in Domain Name Delegation and Revocation
• John Uhlmann: You Can Run, but You Can’t Hide – Finding the Footprints of Hidden Shellcode
• Yakir Kadkoda, Ilay Goldman: Breaking the Chain: An Attacker’s Perspective on Supply Chain Vulnerabilities and Flaws
• Roni Gavrilov : Cloudy With a Chance of Exploits: Compromising Critical Infrastructure Through IIoT Cloud Solutions
• Neil Wyler,Bart Stump :The Black Hat Asia NOC Report
• Alex Matrosov,Richard Hughes, Kai Michaelis: The Various Shades of Supply Chain: SBOM, N-Days and Zero Trust
• Gaurav Keerthi: Fireside Chat: Jeff Moss and Gaurav Keerthi

 

 

برای دسترسی به ارائه ها میتونید از سایت خود کنفرانس یا بصورت یکجا از گیتهابمون اقدام کنید.

نکته: تقریبا 10 مورد از ارائه ها، اسلایدشون منتشر نشده ، در صورتیکه پابلیک بشه، اضافه میشه.