2018-08-08

08:00

• Evil Mainframe Hacking Mini

• Advanced APT Hunting with Splunk

• Advanced Wireless Attacks Against Enterprise Networks

• Ham Crams and Exams

10:00

• Your taxes are being leaked

• All Your Cloud Are Belong To Us - Hunting Compromise in Azure

• Using Lockpicking to Teach Authentication Concepts

• Not your Mother's Honeypot - Another name for Threat Intel

• (De)Serial Killers

• Another one bites the dust: Failed experiments in infrastructure security analytics and lessons learned from fixing them

• The Key to Managing High Performance Security Teams

• Stupid Hacker Tricks: Bridging Airgaps and Breaking Data Diodes

10:30

• Building ambassadors to reduce friction, drive change, and get sh*t done

11:00

• iOS Runtime Hacking Crash Course

• Security Awareness Training Refresh

• How I Met Your Password

• Applied Quantitative Risk Analysis

• PowerShell Classification: Life, Learning, and Self-Discovery

• Increasing Retention Capacity

11:30

• Hacking the Public Policy API

12:00

• Tuning The Warp Drive with Laforge: New Tool for Building Security Competitions

• Where are the reinforcements?

• Invoke-NoShell

• Can data science deal with PAM?

14:00

• Securing Robots at Scale

• Who Maed Dis; A beginners guide to malware provenance based on compiler type.

• Abusing Password Reuse at Scale: Bcrypt and Beyond

• Security and DevOps are really Best Friends

• Tracking Malicious Logon: Visualize and Analyze Active Directory Event Logs

• Fast-track your Hacking Career – Why Take The Slow Lane?

• CVE CVSS NVD OMGWTFBBQ

• Cruising the MJ Freeway: Examining a large breach in legal Cannabis

• Attack & Defense in AWS Environments

• Endpoint Monitoring with Osquery and Kolide Fleet

• Smart Contracts: Hello World

• How A Fortune 500 Company Suppressed Our Research Through Legal Threats

14:30

• Community Career Panel or How to Get More than a TShirt Working at a Con

• Unifying the Kill Chain

15:00

• Pacu: Attack and Post-Exploitation in AWS

• LibreSSL - Moving the Ecosystem Forward

• Deploying WebAuthn at Dropbox Scale: Second Factor and Beyond

• Don't Bring Me Down: Are You Ready for Weaponized Botnets?

• Decision Analysis Applications in Threat Analysis Frameworks

• Engaging Policymakers at the State Level

• Incorporating Human Intelligence (HUMINT) into An Information Security Team

• Why Can't We Be Friends? (Get Spotted With A Fed)

15:30

• Looking for the perfect signature: an automatic YARA rules generation algorithm in the AI-era

• Disabling Encryption to Access Confidential Data

17:00

• Overlooked tactics for attacking hardened Active Directory environment

• Solving for Somebody Else's Problem: Hacking Devs for Better Security

• Guardians of GitHub

• Hackademia: The 2018 Literature Review

• Transforming Industries for Fun and Safety

• Bypassing Antivirus Engines using Open Sourced Malleable C2 Software, MSFVenom, Powershell and a bit of Guile

• Ask The EFF

17:30

• Firmware Security 101

18:00

• Turning (Page) Tables - Bypassing advanced kernel mitigations using page tables manipulations

• Watch Out For That Bus! (Personal Disaster Recovery Planning)

• Ransombile, yet another reason to ditch SMS

• Arbitrary Albatross: Neutral Names for Vulnerabilities at Volume

• Cavalry is ALL OF US

• The current state of adversarial machine learning

18:30

• Treble or Trouble: Where Android's latest security enhancements help, and where they fail