Black Hat USA 2012 Conference

Black Hat USA 2012 is set to bring together the best minds in security to define tomorrow's information security landscape in Las Vegas. This year's training courses offer the essential knowledge and skills to defend your enterprise against today's threats.

KEYNOTE
KN1 Welcome and Introduction to BlackHat USA 2012 | KEYNOTE: Changing the Security Paradigm… Taking Back Your Network and Bringing Pain to the Adversary (Slides/Video Blended) Jeff Moss & Shawn Henry
KN2 KEYNOTE: An Interview with Neal Stephenson (Video Only)
Neal Stephenson

BIG PICTURE
BP1 Trust, Security and Society (Video Only)
Bruce Schneier
BP2 The Christopher Columbus Rule and DHS (Video Only)
Mark Weatherford
BP3 Legal Aspects of Cyberspace Operations
Robert Clark
BP4 Targeted Intrusion Remediation: Lessons From The Front Lines
Jim Aldridge
BP5 Hacking the Corporate Mind: Using Social Engineering Tactics to Improve Organizational Security Acceptance
James Philput

BREAKING THINGS
BT1 A Stitch in Time Saves Nine: A Case of Multiple Operation System Vulnerability
Rafal Wojtczuk
BT2 Exploiting The Jemalioc Memory Allocator: Owning Firefox’s Heap
Patroklos Argyroudis & Chariton Karamitas
BT3 The Info Leak Era on Sofrware Exploitation
Fermin J. Serna
BT4 Are You My Type? Breaking.net Sandboxes Through Serialization
James Forshaw
BT5 PinPadPwn
Nils & Rafael Dominguez Vega

DEFENSE
D1 SexyDefense - Maximizing the Home-field Advantage
Iftach Ian Amit
D2 The Defense RESTs: Automation and APIs for Improving Security
David Mortman
D3 Control-Alt-Hack(TM): White Hat Hacking For Fun and Profit (A Computer Security Card Game)
Tadayoshi Kohno, Tamara Denning & Adam Shostack
D4 Intrusion Detection Along the Kill Chain: Why Your Detection System Sucks and What to do About It
John Flynn
D5 Exploit Mitigation Improvements in Windows 8

DEFINING THE SCOPE
DS1 Smashing the Future for Fun and Profit (Video Only)
Jeff Moss, Bruce Schneier, Adam Shostack, Marcus Ranum & Jennifer Granick
DS2 BlackOps
Dan Kaminsky
DS3 CuteCats.exe and the Arab Spring | The Last Gasp of the Industrial Air-Gap… |
STIX: The Structured Threat Information eXpression
Morgan Marquis-Boire | Eireann Leverett | Sean Barnum
DS4 Errata Hits Puberty: 13 Years of Chagrin (Slides/Video Blended)
Jericho
DS5 The Myth of Twelve More Bytes: Security on the Post-Scarcity Internet
Alex Stamos & Tom Ritter

ENTERPRISE INTRIGUE
EI1 Catching Insider Data Theft With Stochastic Forensics
Jonathan Grier
EI2 Find Me in Your Database: An Examination of Index Security
David Litchfield
EI3 Passive Bluetooth Monitoring in Scapy | SYNful Deceit, Stateful Subterfuge |
Stamp Out Hash Corruption, Crack All The Things Ryan Holeman | Tom Steele & Chris Patten | Ryan Reynolds & Jonathan Claudius
EI4 Clonewise - Automated Package Clone Detection
Silvio Cesare
EI5 SSRF VS. Business Critical Applications
Alexander Polyakov & Dmitry Chastuhin
Matt Miller & Ken Johnson

GNARLY PROBLEMS
GP1 File Disinfection framework: Striking Back at Polymorphic Viruses
Mario Vuksan & Tomislav Pericin
GP2 Confessions of a WAF Developer: Protocol-Level Evasion of Web Application Firewalls
Ivan Ristic
GP3 Torturing OpenSSL
Valeria Bertacco
GP4 WebTracking For You
Gregory Fleischer
GP5 Here Be Backdoors: A Journey Into the Secrets of Industrial Firmware
Ruben Santamarta

LOWER LAYERS
LL1 Smashing the Future for Fun and Profit (Video Only)
Jeff Moss, Bruce Schneier, Adam Shostack, Marcus Ranum & Jennifer Granick
LL2 How The Analysis of Electrical Current Consumption of embedded Systems Could Lead to Code Reversing?
Yann Allain & Julien Moinard
LL3 Looking into the Eye of the Meter
Don C. Weber
LL4 Windows 8 Heap Intervals
Chris Valasek & Tarjei Mandt
LL5 Ghost is in the Air(Traffic)
Andrei Costin

MALWARE
MA1 A Scientific (but not academic) Study of Malware Employs Anti-Debugging, Anti-disassemly and Anti-virtualization Technologies
Rodrigo Branco & Gabriel Barbosa
MA2 De Mysteriis Dom Jobsivs: Mac Efi Rootkits
Loukas K
MA3 Dex Education: Practicing Safe Dex
Timothy Strazzere
MA4 Hardware Backdooring is Practical
Jonathan Brossard
MA5 Flowers for Automated Malware Analysis

MASS EFFECT
ME1 Still Passing the Hash 15 Years Later? Using the Keys to the Kingdom to Access All Your Data
Alva Duckwall & Christopher Campbell
ME2 Recent Java Exploitation Trends and Malware
Jeong Wook Oh
ME3 Digging Deep Into The Flash Sandboxes
Paul Sabanal & Mark Vincent Yason
ME4 SQL Injection to MIPS Overflows: Rooting SOHO Routers
Zachary Cutlip
ME5 Hookin’ Ain’t Easy: BeEF Injection with MITM
Steve Ocepek & Ryan Linn
Chengyu Song & Paul Royal

MOBILE
MO1 Advanced Software Exploitation on ARM Microprocessors
Stephen Ridley & Stephen Lawler
MO2 Scaling Up Baseband Attacks: More (Unexpected) Attack Surface
Ralf-Philipp Weinmann
MO3 Don’t Stand So Close To Me: An Analysis of the NFC Attack Surface
Charlie Miller
MO4 Probing Mobile Operator Networks
Collin Mulliner
MO5 Adventures in Bouncer Land

92.2% MARKET SHARE
MS1 Exploitation of Windows 8 Metro style Apps
Sung-ting Tsai & Ming-chien Pan
MS2 We Have You by the Gadgets
Mickey Shkatov & Toby Kohlenberg
MS3 Exchanging Demands
Peter Hannay
MS4 Windows Phone 7 Internals and Exploitability
Tsukasa Oi
MS5 Easy Local Windows Kernel Exploitations
Cesar Cerrudo
Nicholas Percoco & Sean Schulte

OVER THE AIR AND IN THE DEVICE
OTA2 iOS Kernel Heap Armageddon Revisited
Stefan Esser
OTA3 When Security Gets in the Way: Tools for PenTesting Mobile Apps That Use Certificate Pinning | embedded Device Firmware Vulnerability Hunting Using FRAK | Mapping and Evolution of Android Permissions
Alban Diquet & Justine Osborne | Ang Cui | Andrew Reiter & Zach Lanier
OTA4 Introducing: SIRA Semi-automated iOS Rapid Assessment
Justin Engler, Seth Law, Joshua Dubik & David Vo
OTA5 How Many Bricks Does It Take to Crack a Microcell?
Mathew Rowley

UPPER LAYERS
UL1 Smashing the Future for Fun and Profit (Video Only)
Jeff Moss, Bruce Schneier, Adam Shostack, Marcus Ranum & Jennifer Granick
UL2 Google Native Client-Analysis of a Secure Browser Plugin Sandbox
Chris Rohlf
UL3 ModSecurity as Universal Cross-Platform Web Protection Tool | HTExploit Bypassing Htaccess Restrictions | Libinjection: A C library for SQLi Detection and Generation Through Lexical Analysis of Real World AttacksTurbo
Greg Wroblewski & Ryan Barnett | Maximiliano Soler & Matias Katz | Nick Galbreath
UL4 PRNG: Pwning Random Number Generators (in PHP applications)
George Argyros & Aggelos Kiayias
UL5 Owning Bad Guys {and Mafia} with javascript Botnets
Chema Alonso

WEB APPS
WA1 HTML5 Top 10 Threats - Stealth Attacks and Silent Exploits
Shreeraj Shah
WA2 AMF Testing Made Easy
Luca Carettoni
WA3 Hacking with WebSockets
Mike Shema, Sergey Shekyan & Vaagn Toukharian
WA4 Blended Threats and javascript: A Plan for Permanent Network Compromise
Phil Purviance & Joshua Brashars
WA5 State of Web Exploit Toolkits
Jason Jones