Top reports Black Hat USA 2016

Black Hat USA 2016 is a conference that brings together the best minds in the field of security (hackers and tsrushnikov) to determine what future we will live. What was in Vegas, then remains in Vegas. But still we got 120 video reports.







I was a little excited and chose a personal list of the top 18 most interesting reports, which may be worth translating into Russian and publish on Habré.

')

Social engineering, DDoS, linguistic features of telephone scams, insurance in the field of information security, Dragons & Dungeons for cybersecurity, attacks on third-party channels, a lot of (black) humor, drones.

Offer your options, which report is the most interesting, maybe I missed something.





List from DARKreading 10 Hottest Talks at Black Hat USA 2016

• Advanced CAN Injection Techniques for Vehicle Networks
• Breaking FIDO: Are Exploits In There?
• Design Approaches for Security Automation
• Beyond Socks: Advanced Cross-Site Search Attacks
• Windows 10 Mitigation Improvements
• The Linux Kernel Hidden Inside Windows 10
• 1000 Ways to Die in Mobile OAuth
• GATTacking Bluetooth Smart Devices — Introducing a New BLE Proxy Tool
• Into The Core — An In-Depth Exploration Of Windows 10 IoT Core
• A Lightbulb Worm?

Dangerous Link Despite Their Security Awareness

slides

Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud

PDF slides

Drone Attacks on Industrial Wireless: A New Front in Cyber ​​Security

slides

Using Undocumented CPU for Kaslr in the Process

slides

Secure Penetration Testing Operations: Demonstrated Websites in Learning Material and Tools

slides

1000 Ways to Die in Mobile Oauth

slides

Security and Security Guidelines

slides

Investigating DDOS - Architecture Actors and Attribution

Language Properties Of Phone Scammers: Cyberdefense At The Level Of The Human

slides

The Tao of Hardware

slides

Spear Phishing Weaponizing Data for Social Engineering Spear Phishing on Twitter

slides

Cyber ​​War in Perspective: Analysis From the Crisis in Ukraine

slides

Security Through Design - Making Security

slides

Side-Channel Attacks on Everyday Applications

slides

Dungeons Dragons and Security

slides

VoIP Wars: the Phreakers Awaken

slides

Defensible Cyberspace Defense At Hyperscale: Technologies & Policies

slides

Brute-Forcing Lockdown Harddrive Pin Codes

slides

List of all reports

Playlist here: Black Hat USA 2016 PlayList

1. How It Could Lose It And The Role Hackers Play
2. A Journey From JNDI / LDAP Manipulation to Remote Code Execution Dream Land
3. The Art of Defense - How To Vulnerabilities Help for Android
4. Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud
5. Applied Machine Learning for Data Exfil and Other Fun Topics
6. Canspy: A Platform for Auditing Can Devices
7. Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization
8. Over the Edge: Silently Owning Windows 10's Secure Browser
9. Dangerous Link Despite Their Security Awareness
10. Certificate Bypass: Hiding and Executing Malware From a Digitally Signed Executable
11. Beat the Curtain
12. Drone Attacks on Industrial Wireless: A New Front in Cyber ​​Security
13. Hackproofing Oracle Ebusiness Suite
14. Using Undocumented CPU for Kaslr in the Process
15. Gattacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool
16. Measuring Adversary Costs to Exploit Commercial Software
17. Removing Roadblocks to Diversity
18. HEIST: HTTP Encrypted Information Can Be Stolen Through TCP-Windows
19. Memory Forensics Using Virtual Machine Introspection for Cloud Computing
20. Secure Penetration Testing Operations: Demonstrated Websites in Learning Material and Tools
21. Nonce-Disrespecting Adversaries: Practical Forces Attacks on GCM in TLS
22. Towards a Holistic Approach in Crime Intelligence
23. Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root
24. The Remote Malicious Butler Did It!
25. Xenpwn: Breaking Paravirtualized Devices
26. Pwnie
27. An Open Collaborative Effort to Ameliorate Android N-Day Root Exploits
28. Understanding HL7 2.X Standards, Pen Testing, and Defending HL7 2.X Messages
29. 1000 Ways to Die in Mobile Oauth
30. A Retrospective on the Use of Export Cryptography
31. Windows 10 Segment Heap Internals
32. Abusing Bleeding Edge Web Standards for Appsec Glory
33. AMSI: How It Does It
34. Analysis of the Attack Surface of Windows 10 Virtualization-Based Security
35. Augmenting Static Analysis Using Pintool: Ablation
36. Security and Security Guidelines
37. Cunning With Cng: Soliciting Secrets From Schannel
38. Beyond the Mcse: Active Directory for the Security Professional
39. Does Usb Driving in Parking Lots and Other Places Really Work?
40. Demystifying the Secure Enclave Processor
41. I Came to Drop Bombs: Auditing the Compression Algorithm Weapon Cache
42. Breaking Payment Points of Interaction (POI)
43. Into the Core: In-Depth Exploration of Windows 10 IoT Core
44. Hacking Next-Gen Atms: From Capture to Cashout
45. Can You Trust Me Now? An Exploration Into the Mobile Threat Landscape
46. Investigating DDOS - Architecture Actors and Attribution
47. Intra-Process Memory Protection for ARM and X86: Leveraging the ELF ABI
48. Capturing 0Day Exploits With Perfectly Placed Hardware Traps
49. Next-Generation Of Exploit Kit Detection By Building Simulated Obfuscators
50. HTTP / 2 & Quic - Teaching Bad Things
51. Pwning Your Java Messaging With Deserialization Vulnerabilities
52. Language Properties Of Phone Scammers: Cyberdefense At The Level Of The Human
53. Recover a RSA Private Key From a TLS Session With Perfect Forward Secrecy
54. The Linux Kernel Hidden Inside Windows 10
55. O-Checker: Detection of Malicious Documents
56. The Tao of Hardware
57. Will Kill the Password
58. Hell on Earth: From Browser to System Compromise
59. Discovering and Exploiting Novel Security Vulnerabilities in Apple Zeroconf
60. Badwpad
61. Breaking Kernel Address Space Layout Randomization (Kaslr) With Intel TSX
62. Airbnbeware: Short Term Rentals Long Term Pwnage
63. Account Jumping Post Infection Persistency & Lateral Movement in AWS
64. Captain Hook: Pirating Avs to Bypass Exploit Mitigations
65. Hardening AWS Environments and Automating Incident Response for AWS Compromises
66. Crippling HTTPs With Unholy PAC
67. Horse Pill: A New Type of Linux Rootkit
68. Design Approaches for Security Automation
69. Greatfet: Making Goodfet Great Again
70. SGX Secure Enclaves in Practice: Security and Crypto Review
71. Using EMET to Disable EMET
72. Spear Phishing Weaponizing Data for Social Engineering Spear Phishing on Twitter
73. Viral Video - Exploiting Ssrf in Video Converters
74. AVLeak: Fingerprinting Antivirus Emulators for Advanced Malware Evasion
75. Windows 10 Mitigation Improvements
76. Brute-Forcing Lockdown Harddrive Pin Codes
77. Building a Product Security Incident Response Team: Learnings From the Hivemind
78. Bad for Enterprise: Attacking BYOD Enterprise Mobile Security Solutions
79. Cyber ​​War in Perspective: Analysis From the Crisis in Ukraine
80. Breaking Fido: Are Exploits in There?
81. Security Through Design - Making Security
82. Iran's Soft-War for Internet Dominance
83. Side-Channel Attacks on Everyday Applications
84. The Risk Of G3 And The Interfere Attack
85. Unleash the Infection Monkey: A Modern Alternative to Pen-Tests
86. OSS Security Maturity: Time to Put on Your Big Boy Pants!
87. Watching Commodity Malware Get Sold to a Targeted Actor
88. PanGu 9 Internals
89. A Lightbulb Worm?
90. BadTunnel: How Do I Get Big Brother Power?
91. PLC-Blaster: A Worm Living Solely in the PLC
92. A Risk-Based Approach for Defining User Privileges
93. Dungeons Dragons and Security
94. The year in flash
95. Dark Side of the DNS Force
96. VoIP Wars: the Phreakers Awaken
97. Keystone Engine: Next Generation Assembler Framework
98. Pindemonium: A DBI-Based Generic Unpacker for Windows Executable
99. Web Application Firewalls: Analysis of Detection Logic
100. Defensible Cyberspace Defense At Hyperscale: Technologies & Policies
101. Crumbling the Fcc Protects Your Internet Traffic
102. Advanced Can Injection Techniques for Vehicle Networks
103. What's the DFIRence for ICS?
104. Samsung Pay: Tokenized Numbers Flaws and Issues
105. Breaking Hardware-Enforced Security With Hypervisors
106. Behind the Scenes of iOS Security
107. HTTP Cookie Hijacking in the Wild: Security and Privacy Implications
108. Ouroboros: Tearing Xen Hypervisor With the Snake
109. Dptrace: Dual Purpose Trace for Exploitability Analysis of Crashes Program
110. TCP Injection Attacks in the Wild - a Large Scale Study
111. The Art of Reverse Engineering Flash Exploits
112. Beyond Socks: Advanced Cross-Site Search Attacks
113. Using An Expanded Cyber ​​Kill
114. Government Sponsored Malware Attacks Against Activists Lawyers and Journalists
115. An Ai Approach to Malware Similarity Analysis: Mapping the Malware Genome With a Deep Neural Network
116. Trademark for Key-Directory Encryption Systems
117. Attacking SDN Infrastructure: Are We Ready for the Next-Gen Networking?
118. Building Trust & Enabling Innovation for Voice Enabled IoT
119. The Beast Within - Evading Dynamic Malware Analysis Using Microsoft.com
120. Handling Technical Assistance Demands From Law Enforcement

Articles "based on" speeches in Russian

You found a USB flash drive. Should I use it?

Does Usb Driving in Parking Lots and Other Places Really Work?

slides





Researcher found gaps in the Samsung Pay payment system, but Samsung denies everything

Samsung Pay: Tokenized Numbers, Flaws and Issues

slides

---

Publication support is the Edison company, which develops an application for the design of prefabricated houses , as well as writes software for dispatching heavy trucks on a coal mine .