Ya están disponibles la mayoría de las presentaciones de Black Hat Asi 2018 celebrada el pasado 20-23 de marzo:

• A Short Course in Cyber Warfare
• National Cyber-Aggression and Private-Sector Internet Infrastructure
• A Deal with the Devil: Breaking Smart Contracts
  • Wong-Hemmel-A-Deal-with-the-Devil-Breaking-Smart-Contracts.pdf
• A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
  • Tsai-A-New-Era-Of-SSRF-Exploiting-URL-Parser-In-Trending-Programming-Languages_update_Thursday.pdf
• AES Wireless Keyboard – Template Attack for Eavesdropping
  • Kim-AES-Wireless-Keyboard-Template-Attack-for-Eavesdropping.pdf
• All Your Payment Tokens Are Mine: Vulnerabilities of Mobile Payment Systems
  • zhou-ALL%20YOUR%20PAYMENT%20TOKENS%20ARE%20MINE%20VULNERABILITIES%20OF%20MOBILE%20PAYMENT%20SYSTEMS.pdf
  • zhou-ALL%20YOUR%20PAYMENT%20TOKENS%20ARE%20MINE%20VULNERABILITIES%20OF%20MOBILE%20PAYMENT%20SYSTEMS-wp.pdf
• Analyzing & Breaking Exploit Mitigations and PRNGs on QNX for Automotive Industrial Medical and other Embedded Systems
  • Wetzels_Abassi_dissecting_qnx__PPT.pdf
  • Wetzels_Abassi_dissecting_qnx__WP.pdf
• Back To The Epilogue: How to Evade Windows’ Control Flow Guard with Less than 16 Bytes
  • Lain-Back-To-The-Epilogue-How-To-Evade-Windows-Control-Flow-Guard-With-Less-Than-16-Bytes.pdf
• Breach Detection At Scale With AWS Honey Tokens
  • bourke-grzelak-breach-detection-at-scale-with-aws-honey-tokens.pdf
  • bourke-grzelak-breach-detection-at-scale-with-aws-honey-tokens-wp.pdf
• Breaking State-of-the-Art Binary Code Obfuscation via Program Synthesis
  • Blazytko-Breaking-State-Of-The-Art-Binary-Code-Obfuscation-Via-Program-Synthesis.pdf
  • Blazytko-Breaking-State-Of-The-Art-Binary-Code-Obfuscation-Via-Program-Synthesis-wp.pdf
• Breaking the Attack Graph: How to Leverage Graphs to Strengthen Security in a Domain Environment
  • Simakov-Marina-Breaking-The-Attack-Graph.pdf
• Counter-Infiltration: Future-Proof Counter Attacks Against Exploit Kit Infrastructure
  • papa-Future-Proof%20Counter%20Attacks%20Against%20Exploit%20Kit%20Infrastructure.pdf
• Cyber Comrades: Alliance-Building in Cyberspace
  • Geers-Cyber%20Comrades%20Alliance%20Building%20in%20Cyberspace.pdf
• Death Profile
  • Zhu%20and%20Li-Death%20Profile.pdf
  • Zhu%20and%20Li-Death%20Profile-wp.pdf
• Documenting the Undocumented: The Rise and Fall of AMSI
  • Tal-Liberman-Documenting-the-Undocumented-The-Rise-and-Fall-of-AMSI.pdf
• eMMC & UFS: Security Vulnerabilities Rootkits
• Hourglass Model 2.0: Case Study of Southeast Asia Underground Services Abusing Global 2FA
  • Asia-18-CHUNG-Hourglass 2.0.pdf
• I Don’t Want to Sleep Tonight: Subverting Intel TXT with S3 Sleep
  • Seunghun-I_Dont_Want_to_Sleep_Tonight_Subverting_Intel_TXT_with_S3_Sleep.pdf
• International Problems: Serialized Fuzzing for ICU Vulnerabilities
  • Deng-International-Problems-Serialized-Fuzzing-for-ICU-Vulnerabilities.pdf
• Invoke-DOSfuscation: Techniques FOR %F IN (-style) DO (S-level CMD Obfuscation)
  • bohannon-invoke_dosfuscation_techniques_for_fin_style_dos_level_cmd_obfuscation.pdf
  • bohannon-invoke_dosfuscation_techniques_for_fin_style_dos_level_cmd_obfuscation-wp.pdf
• KSMA: Breaking Android Kernel Isolation and Rooting with ARM MMU Features
  • WANG-KSMA-Breaking-Android-kernel-isolation-and-Rooting-with-ARM-MMU-features.pdf
• Locknote: Conclusions and Key Takeaways from Black Hat Asia 2018
• Mac-A-Mal: An Automated Platform for Mac Malware Hunting
  • Phuc-Mac-A-Mal-An%20Automated%20Framework%20for%20Mac%20Malware%20Hunting.pdf
  • Phuc-Mac-A-Mal-An%20Automated%20Framework%20for%20Mac%20Malware%20Hunting-wp.pdf
• Nation-State Moneymule’s Hunting Season – APT Attacks Targeting Financial Institutions
  • Shen-Nation-State%20Moneymule%20hunting%20season_Thursday%20.pdf
• New Compat Vulnerabilities in Linux Device Drivers
  • Ding-New-Compat-Vulnerabilities-In-Linux-Device-Drivers.pdf
• Prison Break Season 6: Defeating the Mitigations Adopted by Android OEMs
• return-to-csu: A New Method to Bypass 64-bit Linux ASLR
  • Marco-return-to-csu-a-new-method-to-bypass-the-64-bit-Linux-ASLR.pdf
  • Marco-return-to-csu-a-new-method-to-bypass-the-64-bit-Linux-ASLR-wp.pdf
• RustZone: Writing Trusted Applications in Rust
• Securing Your In-Ear-Fitness Coach: Challenges in Hardening Next Generation Wearables
• Server Tailgating - A Chosen-PlainText Attack on RDP
  • Karni-Zinar-Blachman-Server-Tailgating-A-Chosen-Plaintext-Attack-on-RDP.pdf
• Shadow-Box v2: The Practical and Omnipotent Sandbox for ARM
  • Seunghun-Shadow-Box_v2_The_Practical_and_Omnipotent_Sandbox_for_ARM.pdf
• Tales from the NOC: Going Public in Asia
• UbootKit: A Worm Attack for the Bootloader of IoT Devices
  • Yang-UbootKit-A-Worm-Attack-for-the-Bootloader-of-IoT-Devices.pdf
  • Yang-UbootKit-A-Worm-Attack-for-the-Bootloader-of-IoT-Devices-wp.pdf
• VSPMiner: Detecting Security Hazards in SEAndroid Vendor Customizations via Large-Scale Supervised Machine Learning
• When Good Turns Evil: Using Intel SGX to Stealthily Steal Bitcoins
  • Schwarz-When-Good-Turns-Evil-Using-Intel-SGX-To-Stealthily-Steal-Bitcoins.pdf
  • Schwarz-When-Good-Turns-Evil-Using-Intel-SGX-To-Stealthily-Steal-Bitcoins-wp.pdf
• XOM-switch: Hiding Your Code from Advanced Code Reuse Attacks In One Shot
  • Zhang-xom-switch-mingwei-v1.2.pptx

Fuente: Cyberhades