0wn the Con
24/7 CTI: Operationalizing Cyber Threat Intelligence
A Code Pirate’s Cutlass: Recovering Software Architecture from Embedded Binaries
Ad-Laundering: Bribes & Backdoors
Advancing a Scientific Approach to Security Tool Evaluations with MITRE ATT&CK™
A Little Birdy Told Me About Your Warrants
Analyzing Shodan Images With Optical Character Recognition
A Tisket, a Tasket, a Dark Web Shopping Basket
Be an IoT Safety Hero: Policing Unsafe IoT through the Consumer Product Safety Commission
BECs and Beyond: Investigating and Defending Office 365
Behind Enemy Lines: Inside the operations of a nation state’s cyber program
Building and Selling Solo, an Open Source Secure Hardware Token
Closing Plenary: Between Two Moose
Closing Remarks
CryptoLocker Deep-Dive: Tracking security threats on the Bitcoin public ledger
Deconstructing DeFeNeStRaTe.C
Electronic Voting in 2018: Bad or Worse?
Encrypting the Web Isn’t Enough: How EFF Plans to Encrypt the Entire Internet
Équipe Rouge: The Ethics of Prosecuting An Offensive Security Campaign
Firemen vs. Safety Matches: How the current skills pipeline is wrong
Firetalks Closing
Firetalks Opening
Five-sigma Network Events (and how to find them)
Ground Truth: 18 vendors, 6000 firmware images, 2.7 million binaries, and a flaw in the Linux/MIPS stack
High Confidence Malware Attribution using the Rich Header
How the Press Gets Pwned
IMSI Catchers Demystified
Incident Response and the Attorney Client Privilege
Infosec and 9-1-1: When the Location of Your Emergency is in the Building
iPhone Surgery for the Practically Paranoid
IPv666: Address of the Beast
It’s 2019 and Special Agent Johnny Still Can’t Encrypt
Kinder Garten Security: Teaching the Pre-college Crowd
Looking for Malicious Hardware Implants with Minimal Equipment
Machine Learning Models that Predict Mental Health Status on Twitter and Their Privacy Implications
Mentoring the Intelligent Deviant: What the special operations and infosec communities can learn from each other
Opening Remarks, Rumblings, Ruminations, and Rants
Patchwerk: Kernel Patching for Fun and Profit
Post-quantum Crypto: Today’s defense against tomorrow’s quantum hacker
Process Control Through Counterfeit Comms: Using and Abusing Built-In Functionality to Own a PLC
Reversing SR-IOV For Fun and Profit
Security Response Survival Skills
Shut up and Listen
Social Network Analysis: A scary primer
Specialists versus Jack-Of-All-Trades
The APT at Home: The attacker that knows your mother’s maiden name
The Beginner’s Guide to the Musical Scales of Cyberwar
Three Ways DuckDuckGo Protects User Privacy While Getting Things Done (and how you can too)
Trip Wire(less)
Un-f*$#ing Cloud Storage Encryption
Weapons of Text Destruction
Whats the latest 411 on 419s?
Writing a Fuzzer for Any Language with American Fuzzy Lop