Watch Queue
Queue
Watch QueueQueue
The next video is starting
Loading...
-
-
-
-
Sign in now to see your channels and recommendations!
Watch Queue
Queue
__count__/__total__
-
Black Hat uploaded a video 2 months agoARMageddon: How Your Smartphone CPU Breaks Software-Level Security and Privacy - Duration: 40 minutes.
by Moritz Lipp & Clémentine Maurice
In the last years, mobile devices and smartphones have become the most important personal computing platform. Besides phone calls and managing the personal ad... -
Black Hat uploaded a video 2 months ago
Breaking BHAD: Abusing Belkin Home Automation Devices - Duration: 48 minutes.
by Scott Tenaglia & Joe Tanen
In 2013 and 2014 several high profile vulnerabilities were found in Belkin's WeMo line of home automation devices. Belkin not only patched most of those vulnerabili... -
Black Hat uploaded a video 2 months ago
EGO MARKET: When People's Greed for Fame Benefits Large-Scale Botnets - Duration: 49 minutes.
by Masarah Paquet-Clouston & Olivier Bilodeau
Want to give your blog a push or your "gun show" more views? Then why not buy 50,000 fake followers for $1,000! Click farms from down South or botne... -
Black Hat uploaded a video 2 months ago
DRAMA: How Your DRAM Becomes a Security Problem - Duration: 51 minutes.
by Michael Schwarz & Anders Fogh
In this talk, we will present our research into how the design of DRAM common to all computers and many other devices makes these computers and devices insecure.... -
Black Hat uploaded a video 2 months ago
Witchcraft Compiler Collection: Towards Self Aware Computer Programs - Duration: 54 minutes.
by Jonathan Brossard
With this presentation, we take a new approach to reverse engineering. Instead of attempting to decompile code, we seek to undo the work of the linker and produce relocatable ... -
Black Hat uploaded a video 2 months ago
Exploiting Curiosity and Context: How to Make People Click on a Dangerous Link... - Duration: 43 minutes.
by Zinaida Benenson
Messages containing links to malware-infected websites represent a serious threat. Despite the numerous user education efforts, people still click on suspicious links and attac... -
Black Hat uploaded a video 2 months ago
Applied Machine Learning for Data Exfil and Other Fun Topics - Duration: 43 minutes.
by Matt Wolff & Brian Wallace & Xuan Zhao
Machine learning techniques have been gaining significant traction in a variety of industries in recent years, and the security industry is no excepti... -
Black Hat uploaded a video 2 months ago
A Journey From JNDI/LDAP Manipulation to Remote Code Execution Dream Land - Duration: 48 minutes.
by Alvaro Munoz & Oleksandr Mirosh
JNDI (Java Naming and Directory Interface) is a Java API that allows clients to discover and look up data and objects via a name. These objects can be stored i... -
Black Hat uploaded a video 2 months ago
$Hell on Earth: From Browser to System Compromise - Duration: 49 minutes.
by Matt Molinyawe & Jasiel Spelman & Abdul-Aziz Hariri & Joshua Smith
The winning submissions to Pwn2Own 2016 provided unprecedented insight into the state of the art in software exploitatio... -
Black Hat uploaded a video 2 months ago
The Linux Kernel Hidden Inside Windows 10 - Duration: 52 minutes.
by Alex Ionescu
Initially known as "Project Astoria" and delivered in beta builds of Windows 10 Threshold 2 for Mobile, Microsoft implemented a full blown Linux 3.4 kernel in the core of the Windo... -
Black Hat uploaded a video 2 months ago
HTTP/2 & Quic - Teaching Good Protocols to Do Bad Things - Duration: 51 minutes.
by Catherine (Kate) Pearce & Carl Vincent
The meteoric rise of SPDY, HTTP/2, and QUIC has gone largely unremarked upon by most of the security field. QUIC is an application-layer UDP-based proto... -
Black Hat uploaded a video 2 months ago
Can You Trust Me Now? An Exploration Into the Mobile Threat Landscape - Duration: 43 minutes.
by Josh Thomas & Shawn Moyer
Before we dive into specific mobile vulnerabilities and talk as if the end times are upon us, let us pop the stack and talk about how the mobile environment works as... -
Black Hat uploaded a video 2 months ago
Breaking Payment Points of Interaction (POI) - Duration: 49 minutes.
by Nir Valtman & Patrick Watson
The payment industry is becoming more driven by security standards. However, the corner stones are still broken even with the latest implementations of these paym... -
Black Hat uploaded a video 2 months ago
Capturing 0Day Exploits With Perfectly Placed Hardware Traps - Duration: 48 minutes.
by Cody Pierce & Matt Spisak & Kenneth Fitch
The security industry has gone to great lengths to make exploitation more difficult. Yet we continue to see weaponized exploits used in malware cam... -
Black Hat uploaded a video 2 months ago
Beyond the Mcse: Active Directory for the Security Professional - Duration: 49 minutes.
by Sean Metcalf
Active Directory (AD) is leveraged by 95% of the Fortune 1000 companies for its directory, authentication, and management capabilities. This means that both Red and Blue teams need... -
Black Hat uploaded a video 2 months ago
Augmenting Static Analysis Using Pintool: Ablation - Duration: 42 minutes.
by Paul Mehta
Ablation is a tool built to extract information from a process as it executes. This information is then imported into the disassembly environment where it used to resolve virtual cal... -
Black Hat uploaded a video 2 months ago
Abusing Bleeding Edge Web Standards for Appsec Glory - Duration: 43 minutes.
by Bryant Zadegan & Ryan Lester
Through cooperation between browser vendors and standards bodies in the recent past, numerous standards have been created to enforce stronger client-side control ... -
Black Hat uploaded a video 2 months ago
A Retrospective on the Use of Export Cryptography - Duration: 50 minutes.
by David Adrian
TLS has experienced three major vulnerabilities stemming from "export-grade" cryptography in the last year---FREAK, Logajm, and Drown. Although regulations limiting the strength of... -
Black Hat uploaded a video 2 months ago
Measuring Adversary Costs to Exploit Commercial Software... - Duration: 49 minutes.
by Mudge & Sarah Zatko
Many industries, provide consumers with data about the quality, content, and cost of ownership of products, but the software industry leaves consumers with very little dat... -
Black Hat uploaded a video 2 months ago
Memory Forensics Using Virtual Machine Introspection for Cloud Computing - Duration: 32 minutes.
by Tobias Zillner
The relocation of systems and services into cloud environments is on the rise. Because of this trend users lose direct control over their machines and depend on the offered servi... -
Black Hat uploaded a video 2 months ago
Hackproofing Oracle Ebusiness Suite - Duration: 49 minutes.
by David Litchfield
A recent security review by David Litchfield of Oracle's eBusiness Suite (fully patched) revealed it is vulnerable to a number of (unauthenticated) remote code execution flaws,... -
Black Hat uploaded a video 2 months ago
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS - Duration: 49 minutes.
by Sean Devlin & Hanno Böck & Aaron Zauner & Philipp Jovanovic
We investigate nonce-reuse issues with the Galois/Counter Mode (GCM) algorithm as used in TLS. Nonce reuse in GCM allows an att... -
Black Hat uploaded a video 2 months ago
Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root - Duration: 54 minutes.
by Liang Chen & Qidan He & Marco Grassi & Yubin Fu
Apple graphics, both the userland and the kernel components, are reachable from most of the sandboxed applications, including browsers, whe... -
Black Hat uploaded a video 2 months ago
Drone Attacks on Industrial Wireless: A New Front in Cyber Security - Duration: 42 minutes.
by Jeff Melrose
With new Drone technologies appearing in the consumer space daily, Industrial Plant operators are being forced to rethink their most fundamental assumptions about Industrial Wirele... -
Black Hat uploaded a video 2 months ago
Adaptive Kernel Live Patching: An Open Collaborative Effort... - Duration: 47 minutes.
by Yulong Zhang & Tao Wei
Although 0-day exploits are dangerous, we have to admit that the largest threat for Android users are kernel vulnerabilities that have been disclosed but remain unfixed... -
Black Hat uploaded a video 2 months ago
Canspy: A Platform for Auditing Can Devices - Duration: 42 minutes.
by Jonathan-Christofer Demay & Arnaud Lebrun
In the past few years, several tools have been released allowing hobbyists to connect to CAN buses found in cars. This is welcomed as the CAN protoco... -
Black Hat uploaded a video 2 months ago
Captain Hook: Pirating AVS to Bypass Exploit Mitigations - Duration: 38 minutes.
by Udi Yavo & Tomer Bitton
Put a low-level security researcher in front of hooking mechanisms and you get industry-wide vulnerability notifications, affecting security tools such as Anti-Virus, ... -
Black Hat uploaded a video 2 months ago
Breaking Kernel Address Space Layout Randomization (KASLR) With Intel TSX - Duration: 50 minutes.
by Yeongjin Jang & Sangho Lee & Taesoo Kim
Kernel hardening has been an important topic, as many applications and security mechanisms often consider the kernel their Trusted Computing Base (TC... -
Black Hat uploaded a video 2 months ago
GreatFET: Making GoodFET Great Again - Duration: 45 minutes.
by Michael Ossmann
My evil plot began by making small but seemingly helpful contributions to the GoodFET project, a line of code here, a simple add-on board there. Soon I was answering the occasio... -
Black Hat uploaded a video 2 months ago
Pwning Your Java Messaging With Deserialization Vulnerabilities - Duration: 48 minutes.
by Matthias Kaiser
Messaging can be found everywhere. It's used by your favourite Mobile Messenger as well as in your bank's backend system. Message Brokers such as Pivotal's RabbitMQ, IBM's WebSp... -
Black Hat uploaded a video 2 months ago
Xenpwn: Breaking Paravirtualized Devices - Duration: 53 minutes.
by Felix Wilhelm
Instead of simply emulating old and slow hardware, modern hypervisors use paravirtualized devices to provide guests access to virtual hardware. Bugs in the privileged backend comp... -
Black Hat uploaded a video 2 months ago
Design Approaches for Security Automation - Duration: 37 minutes.
by Peleus Uhley
Organizations often scale at a faster pace than their security teams. Therefore, security teams need to deploy automation that can scale their processes. When it comes to your orga... -
Black Hat uploaded a video 2 months ago
Into the Core: In-Depth Exploration of Windows 10 IoT Core - Duration: 50 minutes.
by Paul Sabanal
The Internet of Things is becoming a reality, and more and more devices are being introduced into the market every day. With this, the demand for technology that would ease device ... -
Black Hat uploaded a video 2 months ago
AMSI: How Windows 10 Plans to Stop Script-Based Attacks and How Well It Does It - Duration: 46 minutes.
by Nikhil Mittal
In Windows 10, Microsoft introduced the AntiMalware Scan Interface (AMSI) which is designed to target script-based attacks and malware. Script-based attacks have been lethal for e... -
Black Hat uploaded a video 2 months ago
Viral Video - Exploiting SSRF in Video Converters - Duration: 34 minutes.
by Nikolay Ermishkin & Maxim Andreev
Many web applications allow users to upload video - video/image hostings, cloud storages, social networks, instant messengers, etc. Typically, developers wan... -
Black Hat uploaded a video 2 months ago
Crippling HTTPs With Unholy PAC - Duration: 43 minutes.
by Itzik Kotler & Amit Klein
You're in a potentially malicious network (free WiFi, guest network, or maybe your own corporate LAN). You're a security conscious netizen so you restrict yourself t... -
Black Hat uploaded a video 2 months ago
Intra-Process Memory Protection for Applications on ARM and X86: Leveraging the ELF ABI - Duration: 51 minutes.
by Sergey Bratus & Maxwell Koo & Julian Bangert
Today's software needs to isolate not only processes but the many components *within* a process from each other. Process-level isolation via jai... -
Black Hat uploaded a video 2 months ago
1000 Ways to Die in Mobile Oauth - Duration: 47 minutes.
by Yuan Tian & Eric Chen & Shuo Chen & Yutong Pei & Robert Kotcher & Patrick Tague
OAuth has become a highly influential protocol due to its swift and wide adoption in the industry. The ... -
Black Hat uploaded a video 2 months ago
Recover a RSA Private Key From a TLS Session With Perfect Forward Secrecy - Duration: 42 minutes.
by Marco Ortisi
They always taught us that the only thing that can be pulled out from a SSL/TLS session using strong authentication and latest Perferct Forward Secrecy ciphersuites is the public k... -
Black Hat uploaded a video 2 months ago
AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion - Duration: 27 minutes.
by Alexei Bulazel
AVLeak is a tool for fingerprinting consumer antivirus emulators through automated black box testing. AVLeak can be used to extract fingerprints from AV emulators that may be use... -
Black Hat uploaded a video 2 months ago
I Came to Drop Bombs: Auditing the Compression Algorithm Weapon Cache - Duration: 28 minutes.
by Cara Marie
A decompression bomb attack is relatively simple to perform --- but can be completely devastating to developers who have not taken the time to properly guard their applications again... -
Black Hat uploaded a video 2 months ago
Gattacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool - Duration: 39 minutes.
by Slawomir Jasek
Bluetooth Low Energy is probably the most thriving technology implemented recently in all kinds of IoT devices: gadgets, wearables, smart homes, medical equipment and even bankin... -
Black Hat uploaded a video 2 months ago
Towards a Holistic Approach in Building Intelligence to Fight Crimeware - Duration: 49 minutes.
by Dhia Mahjoub & Mykhailo Sakaly & Thomas Mathew
To defeat your adversaries, it is crucial to understand how they operate and to develop a comprehensive view of their playing field. In this t... -
Black Hat uploaded a video 2 months ago
An Insider's Guide to Cyber-Insurance and Security Guarantees - Duration: 50 minutes.
by Jeremiah Grossman
$75 billion. That's the amount of money businesses, governments, and individuals pay every year to security companies. While some security companies provide good value, the re... -
Black Hat uploaded a video 2 months ago
Does Dropping USB Drives in Parking Lots and Other Places Really Work? - Duration: 34 minutes.
by Elie Bursztein
At every Black Hat you will inevitably hear hackers boasting that they can break into any company by dropping a malicious USB drive in the company's parking lot. This anecdote ha... -
Black Hat uploaded a video 2 months ago
Access Keys Will Kill You Before You Kill the Password - Duration: 31 minutes.
by Loic Simon
AWS users, whether they are devops in a startup or system administrators tasked with migrating an enterprise service into the cloud, interact on a daily basis with the AWS APIs, usin... -
Black Hat uploaded a video 2 months ago
Account Jumping Post Infection Persistency & Lateral Movement in AWS - Duration: 34 minutes.
by Dan Amiga & Dor Knafo
The widespread adoption of AWS as an enterprise platform for storage, computing and services makes it a lucrative opportunity for the development of AWS focused APTs. We... -
Black Hat uploaded a video 2 months ago
Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools - Duration: 46 minutes.
by Wesley McGrew
Following previous presentations on the dangers penetration testers face in using current off-the-shelf tools and practices, this presentation explores how widely available learni... -
Black Hat uploaded a video 2 months ago
Using EMET to Disable EMET - Duration: 51 minutes.
by Abdulellah Alsaheel & Raghav Pande
Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a project that adds security mitigations to user mode programs beyond those built in to the ope... -
Black Hat uploaded a video 2 months ago
Cyber War in Perspective: Analysis From the Crisis in Ukraine - Duration: 28 minutes.
by Kenneth Geers
The conflict between Russia and Ukraine appears to have all the ingredients for "cyber war". Moscow and Kyiv are playing for the highest geopolitical stakes, and both countries ha...
Related channels
-
DEFCONConference - Channel
-
Hak5 - Channel
-
N-O-D-E - Channel
-
Adrian Crenshaw - Channel
-
LiveOverflow - Channel
-
HackersOnBoard - Channel