Vídeos de RSA USA 2017

Si no tienes nada que hacer este fin de semana, aquí tienes lo vídeos de la conferencia RSA USA 2017. Hello False Flags! The Art of Deception in Targeted Attack Attribution The Blockchain Identity Crisis From Boot-to-Root: A Method for Successful Security Training CISO as Change Agent: Getting to Yes Deconstructing Identity Analytics for Higher Risk Awareness IoT: End of Shorter Days Workplace Violence and IT Sabotage: Two Sides of the Same Coin?
Leer más

Vídeos de Black Hat USA 2016

Ya también están disponibles de los vídeos de Black Hat USA 2016, así como el material presentado: Why This Internet Worked How We Could Lose It and the Role Hackers Play A Journey From JNDI/LDAP Manipulation to Remote Code Execution Dream Land The Art of Defense - How Vulnerabilities Help Shape Security Features and Mitigations in Android Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud Applied Machine Learning for Data Exfil and Other Fun Topics Canspy: A Platform for Auditing Can Devices Dangerous Hare: Hanging Attribute References Hazards Due to Vendor Customization Over the Edge: Silently Owning Windows 10's Secure Browser How to Make People Click on a Dangerous Link Despite Their Security Awareness Certificate Bypass: Hiding and Executing Malware From a Digitally Signed Executable Pay No Attention to That Hacker Behind the Curtain: A Look Inside the Black Hat Network Drone Attacks on Industrial Wireless: A New Front in Cyber Security Hackproofing Oracle Ebusiness Suite Using Undocumented CPU Behavior to See Into Kernel Mode and Break Kaslr in the Process Gattacking Bluetooth Smart Devices - Introducing a New BLE Proxy Tool Measuring Adversary Costs to Exploit Commercial Software Removing Roadblocks to Diversity HEIST: HTTP Encrypted Information Can Be Stolen Through TCP-Windows Memory Forensics Using Virtual Machine Introspection for Cloud Computing Secure Penetration Testing Operations: Demonstrated Weaknesses in Learning Material and Tools Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS Towards a Holistic Approach in Building Intelligence to Fight Crimeware Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root The Remote Malicious Butler Did It!
Leer más

Material de Black Hat USA 2016

Para pasar las tardes de verano, ya tenemos disponible la mayoría del material presentado en Black Hat USA 2016: $hell on Earth: From Browser to System Compromise us-16-Molinyawe-Shell-On-Earth-From-Browser-To-System-Compromise.pdf 1000 Ways to Die in Mobile OAuth us-16-Tian-1000-Ways-To-Die-In-Mobile-OAuth.pdf us-16-Tian-1000-Ways-To-Die-In-Mobile-OAuth-wp.pdf A Journey from JNDI/LDAP Manipulation to Remote Code Execution Dream Land us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE.pdf us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf A Lightbulb Worm? us-16-OFlynn-A-Lightbulb-Worm.pdf us-16-OFlynn-A-Lightbulb-Worm-wp.pdf Abusing Bleeding Edge Web Standards for AppSec Glory us-16-Zadegan-Abusing-Bleeding-Edge-Web-Standards-For-AppSec-Glory.pdf Access Keys Will Kill You Before You Kill the Password us-16-Simon-Access-Keys-Will-Kill-You-Before-You-Kill-The-Password.
Leer más

Vídeos de Black Hat USA 2015

Y después del material, ya podemos acceder también a los vídeos de las presentaciones de Black Hat USA 2015: ZigBee Exploited The Good, The Bad, And The Ugly WSUSpect Compromising The Windows Enterprise Via Windows Update Writing Bad @$$ Malware For OS X Winning The Online Banking War Why Security Data Science Matters & How It’s Different Pitfalls And Promises Of Why Security Data Science Matters & How It’s Different Pitfalls And Promises Of When IoT Attacks Hacking A Linux Powered Rifle Web Timing Attacks Made Practical Using Static Binary Analysis To Find Vulnerabilities And Backdoors In Firmware Unicorn Next Generation CPU Emulator Framework Understanding The Attack Surface & Attack Resilience Of Project Spartan’s New E Understanding And Managing Entropy Usage TrustKit Code Injection On IOS 8 For The Greater Good ThunderStrike 2 Sith Strike THIS IS DeepERENT Tracking App Behaviors With Nothing Changed Phone These’re Not Your Grand Daddy’s CPU Performance Counters CPU Hardware Performa The Tactical Application Security Program Getting Stuff Done The NSA Playset A Year Of Toys And Tools The Node js Highway Attacks Are At Full Throttle The Memory Sinkhole Unleashing An X86 Design Flaw Allowing Universal Privilege The Little Pump Gauge That Could Attacks Against Gas Pump Monitoring Systems The Lifecycle Of A Revolution The Kali Linux Dojo Workshop #2 Kali USB Setups With Persistent Stores & LUKS N The Kali Linux Dojo Workshop #1 Rolling Your Own Generating Custom Kali Linux 2 The Battle For Free Speech On The Internet The Applications Of Deep Learning On Traffic Identification Taxonomic Modeling Of Security Threats In Software Defined Networking Targeted Takedowns Minimizing Collateral Damage Using Passive DNS Taking Event Correlation With You Take A Hacker To Work Day How Federal Prosecutors Use The CFAA Switches Get Stitches Subverting Satellite Receivers For Botnet And Profit Stranger Danger!
Leer más

Material de Black Hat USA 2015

Ya tenemos disponible la mayoría de las presentaciones de la Black Hat USA 2015. La lista es la siguiente: The Lifecycle of a Revolution us-15-Granick-The-Lifecycle-Of-A-Revolution.pdf Abusing Silent Mitigations - Understanding Weaknesses Within Internet Explorers Isolated Heap and MemoryProtection us-15-Gorenc-Abusing-Silent-Mitigations-Understanding-Weaknesses-Within-Internet-Explorers-Isolated-Heap-And-MemoryProtection.pdf us-15-Gorenc-Abusing-Silent-Mitigations-Understanding-Weaknesses-Within-Internet-Explorers-Isolated-Heap-And-MemoryProtection-wp.pdf Abusing Windows Management Instrumentation (WMI) to Build a Persistent Asynchronous and Fileless Backdoor us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent Asynchronous-And-Fileless-Backdoor.pdf us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent Asynchronous-And-Fileless-Backdoor-wp.pdf us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent Asynchronous-And-Fileless-Backdoor-WMIBackdoor.ps1 Abusing XSLT for Practical Attacks us-15-Arnaboldi-Abusing-XSLT-For-Practical-Attacks.pdf us-15-Arnaboldi-Abusing-XSLT-For-Practical-Attacks-wp.
Leer más

Material de la Black Hat USA 2014

Como muchos ya sabréis Black Hat USA 2014 se celebró la semana pasada, 2-7 agosto, como de costumbre en Las Vegas. Para los que no tuvieran la fortuna de haber asistido a esta conferencia, al menos podréis disfrutar del material que se presentó en las charlas, y que os enlazo a continuación: Cybersecurity as Realpolitik geer.blackhat.6viii14.txt 48 Dirty Little Secrets Cryptographers Don’t Want You To Know 802.
Leer más

Diapositivas de las Hacker Halted USA 2012

Ya están disponible para descarga las presentaciones de la Hacker Halted USA 2012 celebrada en Miami el pasado mes de octubre. Hackers: Responsibility and Reality - Jack Daniel Using Information Superiority to win the Cybersecurity Battle - Matt Watchinski Strategies for Web Application Security at Scale - Jeremiah Grossman Active Defense - David Willson Building a Cyber Range - Kevin Cardwell Hacking The Big 4 Databases - Josh Shaul Attacking Apache Reverse Proxy - Prutha Parikh Breaking SAP Portal - Dmitry Chastuhin Bring Your Own Destruction - Aamir Lakhani How to successfully get your Cloud through FedRAMP, PCI, & HIPAA - Tom McAndrew & Hemma Prafullchandra Riding on Cloud 9 – Holistic Security for a Euphoric Cloud Experience - Freddie Beaver Architecting and Building a Secure Virtual Infrastructure and Private Cloud - Rob Randell FedRAMP - How the Feds Plan to Manage Cloud Security Risks - Steven Fox Security and Software-Defined Networks - Michael Berman Advanced Industrial Espionage Attacks - Gianni Gnesa Bulletproof IT Security - Gary Miliefsky Go with the Flow: Strategies for Successful Social Engineering - Chris Silvers House of Cards - How not to collapse when bad things happen - Rafal Los Physical Drive-by Downloads – An Android Modders Weakness - Kyle Osborn The Persistent Threat of Mobile Apps – Why Continuous Testing is Key - John Weinschenk Zombie Browsers, spiced with rootkit extensions - Zoltan Balazs Military Targeting Adapted for Hacking - Rock Stevens Own the Network – Own the Data - Paul Coggin Advanced Persistent Pentesting: Fighting Fire with Fire - Jonathan Cran DGAs and Cyber-Criminals: A Case Study - Christopher Elisan Spawnning Reverse Shell With Any IP, Any Time!
Leer más

Er docu der finde: Fábrica de espías

Parte 1⁄5 Parte 2⁄5 Parte 3⁄5 Parte 4⁄5 Parte 5⁄5
Leer más

Presentaciones de la BlackHat USA 2012

Ya están disponibles para descarga el material de las charlas que se dieron en la BlackHat USA 2012 pasado mes de julio en Las Vegas: A Scientific (But Non Academic) Study of How Malware Employs Anti-Debugging, Anti-Disassembly and Anti-Virtualization Technologies BH_US_12_Branco_Scientific_Academic_WP.pdf BH_US_12_Branco_Scientific_Academic_Slides.pdf A Stitch in Time Saves Nine: A Case of Multiple Operating System Vulnerability BH_US_12_Wojtczuk_A_Stitch_In_Time_WP.pdf BH_US_12_Wojtczuk_A_Stitch_In_Time_Slides.pdf Adventures in Bouncerland BH_US_12_Percoco_Adventures_in_Bouncerland_WP.pdf BH_US_12_Percoco_Bouncerland_Slides.
Leer más

Presentaciones de la Black Hat 2011

Ya disponemos de las presentaciones que se dieron en la Black Hat 2011. Os dejo el listado de las charlas a las que han subido la documentación: How a Hacker Has Helped Influence the Government - and Vice Versa Video Faces Of Facebook-Or, How The Largest Real ID Database In The World Came To Be White Paper Slides Video Security When Nano-seconds Count White Paper Slides Automated Detection of HPP Vulnerabilities in Web Applications White Paper Slides Exploiting Siemens Simatic S7 PLCs White Paper Slides Femtocells: A poisonous needle in the operator’s hay stack White Paper Post Memory Corruption Memory Analysis White Paper Beyond files undeleting: OWADE White Paper Slides Physical Memory Forensics for Cache White Paper Slides Lives On The Line: Defending Crisis Maps in Libya, Sudan, and Pakistan White Paper Slides Legal Aspects of Cybersecurity–(AKA) CYBERLAW: A Year in Review, Cases, issues, your questions my (alleged) answers White Paper Slides Apple iOS Security Evaluation: Vulnerability Analysis and Data Encryption White Paper Slides Mobile Malware Madness, and How To Cap the Mad Hatters White Paper Slides USB: Undermining Security Barriers White Paper Slides Bit-squatting: DNS Hijacking without exploitation White Paper Slides Virtualization Under Attack: Breaking out of KVM White Paper Slides Exploiting the iOS Kernel White Paper Slides Spy-Sense: Spyware Tool for Executing Stealthy Exploits Against Sensor Networks White Paper Slides The Law of Mobile Privacy and Security Slides Smartfuzzing The Web: Carpe Vestra Foramina White Paper Slides Hacking Google Chrome OS White Paper Slides Don’t Drop the SOAP: Real World Web Service Testing for Web Hackers White Paper Slides Archivo1 Archivo2 Chip & PIN is definitely broken White Paper Slides ARM exploitation ROPmap Slides Windows Hooks of Death: Kernel Attacks Through User-Mode Callbacks White Paper Slides SSL And The Future Of Authenticity Video Hacking .
Leer más