Locknote: Conclusions and Key Takeaways from Day 2

Locknote: Conclusions and Key Takeaways from Day 1

Keynote: My Lessons from the Uber Case

Keynote: Industrialising Cyber Defence in an Asymmetric World

The Black Hat Europe Network Operations Center (NOC) Report

My Invisible Adversary: Burnout

The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility

A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to Enable BCP38

Collide+Power: The Evolution of Software-based Power Side-Channels Attacks

Through the Looking Glass: How Open Source Projects See Vulnerability Disclosure

New Techniques for Split-Second DNS Rebinding

Something Rotten in the State of Data Centers

When The Front Door Becomes a Backdoor: The Security Paradox of OSDP

The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools

Kidnapping Without Hostages: Virtual Kidnapping and the Dark Road Ahead

TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers

One Million ASUS Routers Under Control: Exploiting ASUS DDNS to MITM Admin Credentials

Off The Record - Weaponizing DHCP DNS Dynamic Updates

Breaching the Perimeter via Cloud Synchronized Browser Settings

Hiding in the Clouds: Abusing Azure DevOps Services to Bypass Microsoft Sentinel Analytic Rules

Vulnerabilities in Old Third-Party Software Components- Importance of Having SBoM for IoT/OT Devices

Indirect Prompt Injection Into LLMs Using Images and Sounds

VoBERT: Unstable Log Sequence Anomaly Detection: Introducing Vocabulary-Free BERT

HODOR: Reducing Attack Surface on Node.js via System Call Limitation

How We Taught ChatGPT-4 to Break mbedTLS AES With Side-Channel Attacks

Unmasking APTs: An Automated Approach for Real-World Threat Attribution

Black Hat USA 2024 - Short Reel

Black Hat USA 2024

Illegitimate Data Protection Requests - To Delete or to Address?

Breaking Theoretical Limits: The Gap Between Virtual NICs and Physical Network Cards