Tag: Black Hat USA

None of My Pixel is Your Business: Active Watermarking Cancellation Against Video Streaming Service
Live video streaming services are getting more and more popular in China. In order to ensure their own interests, various service providers have added visible watermarks, which have become increasingly fierce and vicious. Users (originators and viewers) are fed up...

TLBleed: When Protecting Your CPU Caches is Not Enough
We present TLBleed, a novel side-channel attack that leaks information out of Translation Lookaside Buffers (TLBs). TLBleed shows a reliable side channel without relying on the CPU data or instruction caches. By Ben Gras Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#tlbleed-when-protecting-your-cpu-caches-is-not-enough-10149

WebAssembly: A New World of Native Exploits on the Browser
The goal of this talk is to provide a basic introduction to WebAssembly and examine the actual security risks that a developer may take on by using it. We will cover the low-level semantics of WebAssembly, including the Javascript API,...

It’s a PHP Unserialization Vulnerability Jim, but Not as We Know It
The presentation will include demos of long lived and previously unidentified RCE exploits against some of the most widely deployed open source PHP web applications and libraries. By Sam Thomas Full Abstract and Materials: https://www.blackhat.com/us-18/briefings/schedule/#its-a-php-unserialization-vulnerability-jim-but-not-as-we-know-it-11078

Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECUs of Tesla Cars
In this presentation, we will explain the inner workings of this technology and showcase the new capability that was developed in the Tesla hacking 2017. Multiple 0-days of different in-vehicle components are included in the new attack chain. By Ling...

Last Call for SATCOM Security
In 2014, we took to the stage and presented “A Wake-up Call for SATCOM Security,” during which we described several theoretical scenarios that could result from the disturbingly weak security posture of multiple SATCOM products. Four years later, we are...

Catch me, Yes we can! – Pwning Social Engineers
Social engineering is a big problem but very little progress has been made in stopping it, aside from the detection of email phishing. Social engineering attacks are launched via many vectors in addition to email, including phone, in-person, and via...

Lessons and Lulz: The 4th Annual Black Hat USA NOC Report
Back with another year of soul crushing statistics, the Black Hat NOC team will be sharing all of the data that keeps us equally puzzled, and entertained, year after year. We’ll let you know all the tools and techniques we’re...

Stop that Release, There’s a Vulnerability!
This presentation looks at the real world process of the BlackBerry Product Security team. In partnership with product owners, developers, and senior leaders, they’ve spent many years developing and refining a software defect tracking system and a risk-based release evaluation...

Pestilential Protocol: How Unsecure HL7 Messages Threaten Patient Lives
Healthcare infosec is in critical condition- too few bodies, underfunded to a fault, and limping along on legacy systems stuffed with vulnerabilities. From exploited insulin/medication pumps to broken pacemakers, no implantable or medical device is safe. But there’s an even...

InfoSec Philosophies for the Corrupt Economy
This talk discusses the realities of corruption, with real-life anecdotes from interviews conducted with real criminals and victims. This talk also explains the challenges and differences between trying to ‘do’ information security in developed and developing countries, where often corruption...

Every ROSE has its Thorn: The Dark Art of Remote Online Social Engineering
In this talk, I place ROSE within the context of other false personae activities – trolling, sockpuppetry, bots, catfishing, and others – using detailed case studies, and provide a comprehensive and in-depth methodology of an example ROSE campaign, from target...