48 DIRTY LITTLE SECRETS CRYPTOGRAPHERS DON'T WANT YOU TO KNOW
802.1X AND BEYOND!
ABUSE OF CPE DEVICES AND RECOMMENDED FIXES
ABUSING MICROSOFT KERBEROS: SORRY YOU GUYS DON'T GET IT
ABUSING PERFORMANCE OPTIMIZATION WEAKNESSES TO BYPASS ASLR
A JOURNEY TO PROTECT POINTS-OF-SALE
ANDROID FAKEID VULNERABILITY WALKTHROUGH
API SECURITY ROUNDTABLE: LESSONS LEARNED IN API SECURITY
A PRACTICAL ATTACK AGAINST VDI SOLUTIONS
APT ATTRIBUTION AND DNS PROFILING
A SCALABLE, ENSEMBLE APPROACH FOR BUILDING AND VISUALIZING DEEP CODE-SHARING NETWORKS OVER MILLIONS OF MALICIOUS BINARIES
A SURVEY OF REMOTE AUTOMOTIVE ATTACK SURFACES
ATTACKING MOBILE BROADBAND MODEMS LIKE A CRIMINAL WOULD
BABAR-IANS AT THE GATE: DATA PROTECTION AT MASSIVE SCALE
BADGER - THE NETWORKED SECURITY STATE ESTIMATION TOOLKIT
BADUSB - ON ACCESSORIES THAT TURN EVIL
BE MEAN TO YOUR CODE ROUNDTABLE: SECURITY IN THE AGE OF CONTINUOUS INTEGRATION & DEPLOYMENT
BITCOIN TRANSACTION MALLEABILITY THEORY IN PRACTICE
BREAKING THE SECURITY OF PHYSICAL DEVICES
BRINGING SOFTWARE DEFINED RADIO TO THE PENETRATION TESTING COMMUNITY
BUILDING SAFE SYSTEMS AT SCALE - LESSONS FROM SIX MONTHS AT YAHOO
CALL TO ARMS: A TALE OF THE WEAKNESSES OF CURRENT CLIENT-SIDE XSS FILTERING
CAPSTONE: NEXT GENERATION DISASSEMBLY FRAMEWORK
CATCHING MALWARE EN MASSE: DNS AND IP STYLE
CELLULAR EXPLOITATION ON A GLOBAL SCALE: THE RISE AND FALL OF THE CONTROL PROTOCOL
CERTIFICATIONS ROUNDTABLE: THE QUEST FOR VALUE
CLOUDBOTS: HARVESTING CRYPTO COINS LIKE A BOTNET FARMER
COMPUTRACE BACKDOOR REVISITED
CONTEMPORARY AUTOMATIC PROGRAM ANALYSIS
CREATING A SPIDER GOAT: USING TRANSACTIONAL MEMORY SUPPORT FOR SECURITY
CYBERSECURITY AS REALPOLITIK
DATA-ONLY PWNING MICROSOFT WINDOWS KERNEL: EXPLOITATION OF KERNEL POOL OVERFLOWS ON MICROSOFT WINDOWS 8.1
DEFEATING THE TRANSPARENCY FEATURE OF DBI
DIGGING FOR IE11 SANDBOX ESCAPES
DYNAMIC FLASH INSTRUMENTATION FOR FUN AND PROFITĖ
EMBEDDED DEVICES ROUNDTABLE: EMBEDDING THE MODERN WORLD, WHERE DO WE GO FROM HERE?
EPIDEMIOLOGY OF SOFTWARE VULNERABILITIES: A STUDY OF ATTACK SURFACE SPREAD
EVASION OF HIGH-END IPS DEVICES IN THE AGE OF IPV6
EXPLOITING UNPATCHED IOS VULNERABILITIES FOR FUN AND PROFIT
EXPOSING BOOTKITS WITH BIOS EMULATION
EXTREME PRIVILEGE ESCALATION ON WINDOWS 8/UEFI SYSTEMS
FINDING AND EXPLOITING ACCESS CONTROL VULNERABILITIES IN GRAPHICAL USER INTERFACES
FINGERPRINTING WEB APPLICATION PLATFORMS BY VARIATIONS IN PNG IMPLEMENTATIONS
FROM ATTACKS TO ACTION - BUILDING A USABLE THREAT MODEL TO DRIVE DEFENSIVE CHOICES
FULL SYSTEM EMULATION: ACHIEVING SUCCESSFUL AUTOMATED DYNAMIC ANALYSIS OF EVASIVE MALWARE
GOVERNMENT POLICY ROUNDTABLE: UNDERSTANDING THE NIST RISK MANAGEMENT FRAMEWORK
GOVERNMENTS AS MALWARE AUTHORS: THE NEXT GENERATION
GRR: FIND ALL THE BADNESS, COLLECT ALL THE THINGS
HACKING THE WIRELESS WORLD WITH SOFTWARE DEFINED RADIO - 2.0
HOW SMARTCARD PAYMENT SYSTEMS FAIL
HOW TO LEAK A 100-MILLION-NODE SOCIAL GRAPH IN JUST ONE WEEK? - A REFLECTION ON OAUTH AND API DESIGN IN ONLINE SOCIAL NETWORKS
HOW TO WEAR YOUR PASSWORD
ICSCORSAIR: HOW I WILL PWN YOUR ERP THROUGH 4-20 MA CURRENT LOOP
I KNOW YOUR FILTERING POLICY BETTER THAN YOU DO: EXTERNAL ENUMERATION AND EXPLOITATION OF EMAIL AND WEB SECURITY SOLUTIONS
INTERNET SCANNING - CURRENT STATE AND LESSONS LEARNED
INVESTIGATING POWERSHELL ATTACKS
IT JUST (NET)WORKS: THE TRUTH ABOUT IOS 7'S MULTIPEER CONNECTIVITY FRAMEWORK
LEARN HOW TO CONTROL EVERY ROOM AT A LUXURY HOTEL REMOTELY: THE DANGERS OF INSECURE HOME AUTOMATION DEPLOYMENT
LEVIATHAN: COMMAND AND CONTROL COMMUNICATIONS ON PLANET EARTH
LIFECYCLE OF A PHONE FRAUDSTER: EXPOSING FRAUD ACTIVITY FROM RECONNAISSANCE TO TAKEOVER USING GRAPH ANALYSIS AND ACOUSTICAL ANOMALIES
MEDICAL DEVICES ROUNDTABLE: IS THERE A DOCTOR IN THE HOUSE? SECURITY AND PRIVACY IN THE MEDICAL WORLD
MINIATURIZATION
MISSION MPOSSIBLE
MOBILE DEVICE MISMANAGEMENT
MOBILE SECURITY ROUNDTABLE: WHAT DOES MOBILE SECURITY LOOK LIKE TODAY? WHAT WILL IT LOOK LIKE TOMORROW?
MORE SHADOW WALKER: THE PROGRESSION OF TLB-SPLITTING ON X86
MULTIPATH TCP: BREAKING TODAY'S NETWORKS WITH TOMORROW'S PROTOCOLS
MY GOOGLE GLASS SEES YOUR PASSWORDS!
NETWORK ATTACHED SHELL: N.A.S.TY SYSTEMS THAT STORE NETWORK ACCESSIBLE SHELLS
"NOBODY IS LISTENING TO YOUR PHONE CALLS." REALLY? A DEBATE AND DISCUSSION ON THE NSA'S ACTIVITIES
ONE PACKER TO RULE THEM ALL: EMPIRICAL IDENTIFICATION, COMPARISON, AND CIRCUMVENTION OF CURRENT ANTIVIRUS DETECTION TECHNIQUES
OPENSTACK CLOUD AT YAHOO SCALE: HOW TO AVOID DISASTER
ORACLE DATA REDACTION IS BROKEN
PIVOTING IN AMAZON CLOUDS
POACHER TURNED GAMEKEEPER: LESSONS LEARNED FROM EIGHT YEARS OF BREAKING HYPERVISORS
POINT OF SALE SYSTEM ARCHITECTURE AND SECURITY
PRAGMATIC SECURITY AUTOMATION ROUNDTABLE
PREVALENT CHARACTERISTICS IN MODERN MALWARE
PROBABILISTIC SPYING ON ENCRYPTED TUNNELS
PROTECTING DATA IN-USE FROM FIRMWARE AND PHYSICAL ATTACKS
PULLING BACK THE CURTAIN ON AIRPORT SECURITY: CAN A WEAPON GET PAST TSA?
RAVAGE - RUNTIME ANALYSIS OF VULNERABILITIES AND GENERATION OF EXPLOITS
REFLECTIONS ON TRUSTING TRUSTZONE
RESEARCHING ANDROID DEVICE SECURITY WITH THE HELP OF A DROID ARMY
RESPONSIBLE DISCLOSURE ROUNDTABLE: YOU MAD BRO?
REVERSE ENGINEERING FLASH MEMORY FOR FUN AND BENEFIT
REVERSE-ENGINEERING THE SUPRA IBOX: EXPLOITATION OF A HARDENED MSP430-BASED DEVICE
SAP, CREDIT CARDS, AND THE BIRD THAT TALKS TOO MUCH
SATCOM TERMINALS: HACKING BY AIR, SEA, AND LAND
SAVING CYBERSPACE
SECSI PRODUCT DEVELOPMENT: TECHNIQUES FOR ENSURING SECURE SILICON APPLIED TO OPEN-SOURCE VERILOG PROJECTS
SECURE BECAUSE MATH: A DEEP-DIVE ON MACHINE LEARNING-BASED MONITORING
SECURITY AND SOFTWARE DEFINED NETWORKING ROUNDTABLE: NEW EXPOSURES OR NEW OPPORTUNITIES?
SIDEWINDER TARGETED ATTACK AGAINST ANDROID IN THE GOLDEN AGE OF AD LIBS
SMART NEST THERMOSTAT: A SMART SPY IN YOUR HOME
STATIC DETECTION AND AUTOMATIC EXPLOITATION OF INTENT MESSAGE VULNERABILITIES IN ANDROID APPLICATIONS
STAY OUT OF THE KITCHEN: A DLP SECURITY BAKE-OFF
SVG: EXPLOITING BROWSERS WITHOUT IMAGE PARSING BUGS
THE BEAST IS IN YOUR MEMORY: RETURN-ORIENTED PROGRAMMING ATTACKS AGAINST MODERN CONTROL-FLOW INTEGRITY PROTECTION TECHNIQUES
THE BEAST WINS AGAIN: WHY TLS KEEPS FAILING TO PROTECT HTTP
THE BIG CHILL: LEGAL LANDMINES THAT STIFLE SECURITY RESEARCH AND HOW TO DISARM THEM
THE DEVIL DOES NOT EXIST - THE ROLE OF DECEPTION IN CYBER
THE LIBRARY OF SPARTA
THE NEW PAGE OF INJECTIONS BOOK: MEMCACHED INJECTIONS
THE NEW SCOURGE OF RANSOMWARE: A STUDY OF CRYPTOLOCKER AND ITS FRIENDS
THE STATE OF INCIDENT RESPONSE
THINKING OUTSIDE THE SANDBOX - VIOLATING TRUST BOUNDARIES IN UNCOMMON WAYS
THREAT INTELLIGENCE LIBRARY - A NEW REVOLUTIONARY TECHNOLOGY TO ENHANCE THE SOC BATTLE RHYTHM!
TIME TRIAL: RACING TOWARDS PRACTICAL TIMING ATTACKS
UNDERSTANDING IMSI PRIVACY
UNDERSTANDING TOCTTOU IN THE WINDOWS KERNEL FONT SCALER ENGINE
UNVEILING THE OPEN SOURCE VISUALIZATION ENGINE FOR BUSY HACKERS
UNWRAPPING THE TRUTH: ANALYSIS OF MOBILE APPLICATION WRAPPING SOLUTIONS
VOIP WARS: ATTACK OF THE CISCO PHONES
WHAT GOES AROUND COMES BACK AROUND - EXPLOITING FUNDAMENTAL WEAKNESSES IN BOTNET C&C PANELS!
WHEN THE LIGHTS GO OUT: HACKING CISCO ENERGYWISE
WHY CONTROL SYSTEM CYBER-SECURITY SUCKS...
WHY YOU NEED TO DETECT MORE THAN PTH
WINDOWS KERNEL GRAPHICS DRIVER ATTACK SURFACE
WRITE ONCE, PWN ANYWHERE