Tag: Black Hat 2018 Briefings

Applied Self-Driving Car Security

In this talk, two researchers who have headed self-driving car security teams for multiple companies will discuss how self-driving cars work, how they might be attacked, and how they can ultimately be secured. By Charlie Miller & Chris Valasek...

/ January 15, 2020

Practical Web Cache Poisoning: Redefining ‘Unexploitable’

Modern web applications are composed from a crude patchwork of caches and content delivery networks. In this session I’ll show you how to compromise websites by using esoteric web features to turn their caches into exploit delivery systems, targeting everyone...

/ January 15, 2020

Protecting the Protector, Hardening Machine Learning Defenses Against Adversarial Attacks

We’ll discuss several strategies to make machine learning models more tamper resilient. We’ll compare the difficulty of tampering with cloud-based models and client-based models. By Holly Stewart + Jugal Parikh + Randy Treit. Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#protecting-the-protector-hardening-machine-learning-defenses-against-adversarial-attacks-11669

/ January 15, 2020

Automating Exploit Generation for Arbitrary Types of Kernel Vulnerabilities

Writing a working exploit for a vulnerability is generally challenging, time-consuming, and labor-intensive. To address this issue, automated exploit generation techniques can be adopted. By Jimmy Su + Wei Wu + Xinyu Xing. Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#from-thousands-of-hours-to-a-couple-of-minutes-automating-exploit-generation-for-arbitrary-types-of-kernel-vulnerabilities-10389

/ January 15, 2020

Another Flip in the Row

The Rowhammer bug is an issue in most DRAM modules which allows software to cause bit flips in DRAM cells, consequently manipulating data. Although only considered a reliability issue by DRAM vendors, research has shown that a single bit flip...

/ January 15, 2020

Playback: A TLS 1.3 Story

This talk will describe the technical details regarding the TLS 1.3 0-RTT feature and its associated risks. It will include Proof of Concepts (PoC) showing real-world replay attacks against TLS 1.3 libraries and browsers. Finally, potential solutions or mitigation controls...

/ January 15, 2020

WebAssembly: A New World of Native Exploits on the Browser

The goal of this talk is to provide a basic introduction to WebAssembly and examine the actual security risks that a developer may take on by using it. We will cover the low-level semantics of WebAssembly, including the JavaScript API,...

/ January 15, 2020

For the Love of Money: Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems

In this talk, we ask what are the security and fraud implications of removing the economic barriers to accepting card payments; and what are the risks associated with continued reliance on old card standards like mag-stripe? In the past, testing...

/ January 15, 2020

IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies

Computer malware in all its forms is nearly as old as the first PCs running commodity OSes, dating back at least 30 years. However, the number and the variety of “computing devices” dramatically increased during the last several years. Therefore,...

/ January 15, 2020

It’s a PHP Unserialization Vulnerability Jim, but Not as We Know It

The presentation will include demos of long-lived and previously unidentified RCE exploits against some of the most widely deployed open source PHP web applications and libraries. By Sam Thomas. Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#its-a-php-unserialization-vulnerability-jim-but-not-as-we-know-it-11078

/ January 15, 2020

Mainframe [z/OS] Reverse Engineering and Exploit Development

Speak with any Fortune 500 running mainframe and they’ll tell you two things: (1) without their mainframes they’d be out of business (2) they do not conduct any security research on them, let alone vulnerability scans. The most infuriating part...

/ January 15, 2020

Automated Discovery of Deserialization Gadget Chains

Although vulnerabilities stemming from the deserialization of untrusted data have been understood for many years, unsafe deserialization continues to be a vulnerability class that isn’t going away. Attention on Java deserialization vulnerabilities skyrocketed in 2015 when Frohoff and Lawrence published...

/ January 15, 2020