Tag: Black Hat

How can Someone with Autism Specifically Enhance the Cyber Security Workforce?

This session outlines how someone with Autism Spectrum Disorder (ASD) offers a unique skillset that can be very helpful in the cybersecurity field. By Casey Hurt + Dr. Stacy Thayer + Rhett Greenhagen Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#how-can-someone-with-autism-specifically-enhance-the-cyber-security-workforce-11336

/ January 15, 2020

Last Call for SATCOM Security

In 2014, we took to the stage and presented “A Wake-up Call for SATCOM Security,” during which we described several theoretical scenarios that could result from the disturbingly weak security posture of multiple SATCOM products. Four years later, we are...

/ January 15, 2020

The Science of Hiring and Retaining Female Cybersecurity Engineers

The wisdom on why it is difficult to recruit and retain women in the industry has changed over the past decade; the speaker will share the latest information about the most successful approaches and results from a recent working group...

/ January 15, 2020

From Workstation to Domain Admin: Why Secure Administration isn’t Secure and How to Fix it

Organizations have been forced to adapt to the new reality: Anyone can be targeted and many can be compromised. This has been the catalyst for many to tighten up operations and revamp ancient security practices. They bought boxes that blink...

/ January 15, 2020

Beating the Blockchain by Mapping Out Decentralized Namecoin and Emercoin Infrastructure

The Namecoin and Emercoin blockchains were designed to provide decentralized and takedown-resistant domain names to users with the reported goal of promoting free speech. By leveraging unofficial Top-Level Domains (TLDs) such as .bit and alternate DNS resolution methods such as...

/ January 15, 2020

Demystifying PTSD in the Cybersecurity Environment

In this talk, I will speak to my own story of PTSD – from military service in Afghanistan to a very unique medical trauma – and how it has shaped not just my life, but my work in cybersecurity. Principally,...

/ January 15, 2020

Squeezing a Key through a Carry Bit

The Go implementation of the P-256 elliptic curve had a small bug due to a misplaced carry bit affecting less than 0.00000003% of field subtraction operations. We show how to build a full practical key recovery attack on top of...

/ January 15, 2020

Reconstruct the World from Vanished Shadow: Recovering Deleted VSS Snapshots

Volume Shadow Copy Service (VSS) is a backup feature for recent Windows OSes. You can create storage snapshots by using VSS. If users refer to snapshots, they can recover its contents. VSS is one of the most important things to...

/ January 15, 2020

Your Voice is My Passport

Financial institutions, home automation products, and hi-tech offices have increasingly used voice fingerprinting as a method for authentication. Recent advances in machine learning have shown that text-to-speech systems can generate synthetic, high-quality audio of subjects using audio recordings of their...

/ January 15, 2020

Are You Trading Stocks Securely? Exposing Security Flaws in Trading Technologies

With the advent of electronic trading platforms and networks, the exchange of financial securities now is easier and faster than ever; but this comes with inherent risks. Nowadays, not only rich people can invest in the money markets, but also...

/ January 15, 2020

New Norms and Policies in Cyber-Diplomacy

After the last round of the UN sponsored consultations on international cybersecurity collapsed in 2016, the international situation in cyber diplomacy has been in flux: will there be other UN rounds of discussion? Will private sector-organized initiatives claim a role?...

/ January 15, 2020

AI & ML in Cyber Security – Why Algorithms are Dangerous

In this talk, I will show the limitations of machine learning, outline the issues of explainability, and show where deep learning should never be applied. I will show examples of how the blind application of algorithms (including deep learning) actually...

/ January 15, 2020