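August is destined to be the month of cybersecurity. Starting this week the security conferences come one after another: Black Hat, DEF CON, the CNCERT annual conference, the Alibaba cybersecurity ecosystem conference, KCon, the Tencent CSS summit, XCon, and the ThreatBook intelligence conference. Perhaps because there are already so many domestic events, there seems to have been little coverage of Black Hat this year, so I had to make do with going through it myself. The two days of Black Hat comprise 118 talks and 214 speakers. After a pass through the talk abstracts, my first impression is that the hacker world remains as exciting as ever: security is not just AI and not just ML. Even in areas such as web and binary security, the components under study are unprecedented. Technology keeps making life richer and more convenient, and in hackers' eyes all of it is brand-new territory in which they already move with ease. Another novelty: at some point, a surprising number of talks on the mental health of rank-and-file engineers have appeared.
Google Translate is good enough to convey the general direction of each talk, so I won't introduce them one by one here. This year I paid particular attention to the speakers, whom I roughly group into three categories: enterprise-side technology giants, security vendors, and third parties (government agencies, universities, research organizations, independent researchers, and so on).
Overall, vendor speakers are still the majority, but vendors from many different areas have now appeared. It is no longer uniformly antivirus or NGFW vendors. FireEye also seems to have disappeared. Below are the top 10 speaker organizations after excluding independent researchers, which gives a view of some interesting up-and-coming security vendors and of best practices on the enterprise side.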
| Organization | Speakers |
| --- | --- |
| Microsoft | 10 |
| Riscure | 9 |
| Tencent Keen Security Lab | 8 |
|  | 6 |
| Graz University of Technology | 6 |
| EURECOM | 5 |
| IBM Research | 5 |
| Duo Security | 4 |
| Endgame | 4 |
| Global Commission on the Stability of Cyberspace | 4 |
| KAIST | 4 |
| Positive Technologies | 4 |
The other vendor companies are listed below, roughly in order of presentation; see how many familiar faces remain.
VirusBay
Kaspersky
GoSecure
Endgame
Duo Security
Sophos
Riscure
Trail of Bits
Leviathan Security Group
Nozomi Networks
DarkMatter
ZwillGen PLLC
River Loop Security
Eclypsium
PwC
Trimarc
SpecterOps
Immunity Inc
Shostack & Associates
DEVCORE
leveldown security
Cylance Inc
NewAE Technology Inc
Trustwave SpiderLabs
Dragos Inc
Digita Security
Terbium Labs
Cymptom
Positive Technologies
F5 Networks
CrowdStrike Inc
Winsider Seminars & Solutions
Quarkslab
Fleetsmith
Forcepoint
Hex-Rays SA
Lookout
IBM Research
Threatcare
Cisco
NCC Group
G DATA Advanced Analytics
McAfee
IOActive
ForAllSecure
RSM Partners
PortSwigger Web Security
Bastille Networks
Whitescope
QED
HORNE Cyber
Secarma Ltd
Red Sky Solutions, LLC
RSA Security
Tripwire VERT
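Being short on time, I did not classify the vendors further by type. Finally, the talks are listed below for attendees' reference; with as many as ten talks in the same time slot, you can only pick one direction to attend.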
Keynote
Optimistic Dissatisfaction with the Status Quo: Steps We Must Take to Improve Security in Complex Landscapes
WEDNESDAY | 9:00AM
Detecting stolen credentials on AWS
Detecting Credential Compromise in AWS
WEDNESDAY | 10:30AM
Identifying online scanners
Dissecting Non-Malicious Artifacts: One IP at a Time
WEDNESDAY | 10:30AM
Vulnerability research on ESI engines
Edge Side Include Injection: Abusing Caching Servers into SSRF and Transparent Session Hijacking
WEDNESDAY | 10:30AM
Phishing email security awareness
Exposing the Bait: A Qualitative Look at the Impact of Autonomous Peer Communication to Enhance Organizational Phishing Detection
WEDNESDAY | 10:30AM
Xori: automated disassembly for malware analysis
Finding Xori: Malware Analysis Triage with Automated Disassembly
WEDNESDAY | 10:30AM
Caring for the well-being of security practitioners
Holding on for Tonight: Addiction in InfoSec
WEDNESDAY | 10:30AM
SBOM and IoT policy
How I Learned to Stop Worrying and Love the SBOM
WEDNESDAY | 10:30AM
Malware detection
Measuring the Speed of the Red Queen's Race; Adaption and Evasion in Malware
WEDNESDAY | 10:30AM
Hardware wallets
Software Attacks on Hardware Wallets
WEDNESDAY | 10:30AM
Hyper-V vulnerability research
A Dive in to Hyper-V Architecture & Vulnerabilities
WEDNESDAY | 11:15AM
Ethereum smart contract (blockchain) vulnerability research
Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths
WEDNESDAY | 11:15AM
Deep learning neural networks for security detection
Deep Neural Networks for Hackers: Methods, Applications, and Open Source Tools
WEDNESDAY | 11:15AM
Legal discussion of robots
From Bot to Robot: How Abilities and Law Change with Physicality
WEDNESDAY | 11:15AM
Keen Team's iOS jailbreak
KeenLab iOS Jailbreak Internals: Userland Read-Only Memory can be Dangerous
WEDNESDAY | 11:15AM
The Miasm engineering framework
Miasm: Reverse Engineering Framework
WEDNESDAY | 11:15AM
Vulnerability research on the just-in-time (JIT) compilers built into JavaScript engines
New Trends in Browser Exploitation: Attacking Client-Side JIT Compilers
WEDNESDAY | 11:15AM
Hackers and stress
Stress and Hacking: Understanding Cognitive Stress in Tactical Cyber Ops
WEDNESDAY | 11:15AM
TRITON and industrial control systems
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of Industrial Control Systems, Forever
WEDNESDAY | 11:15AM
Attacks on software-defined WAN (SD-WAN)
CANCELLED: Too Soft[ware Defined] Networks: SD-WAN Vulnerability Assessment
WEDNESDAY | 1:30PM
VPN attacks
Compression Oracle Attacks on VPN Networks
WEDNESDAY | 1:30PM
ICS firewalls
Deep Dive into an ICS Firewall, Looking for the Fire Hole
WEDNESDAY | 1:30PM
Law and policy
Legal Landmines: How Law and Policy are Rapidly Shaping Information Security
WEDNESDAY | 1:30PM
Geopolitics and malware analysis
No Royal Road … Notes on Dangerous Game
WEDNESDAY | 1:30PM
UEFI firmware attacks
Remotely Attacking System Firmware
WEDNESDAY | 1:30PM
Wireless SD card attacks
Reversing a Japanese Wireless SD Card - From Zero to Code Execution
WEDNESDAY | 1:30PM
Decryption via side-channel attacks
Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers
WEDNESDAY | 1:30PM
Attacks on automotive ECU firmware
There will be Glitches: Extracting and Analyzing Automotive Firmware Efficiently
WEDNESDAY | 1:30PM
Detecting Twitter bots
Don't @ Me: Hunting Twitter Bots at Scale
WEDNESDAY | 2:40PM
ROSE: remote online social engineering
Every ROSE has its Thorn: The Dark Art of Remote Online Social Engineering
WEDNESDAY | 2:40PM
Attacks from workstation to domain controller
From Workstation to Domain Admin: Why Secure Administration isn't Secure and How to Fix it
WEDNESDAY | 2:40PM
Meltdown explained in detail
Meltdown: Basics, Details, Consequences
WEDNESDAY | 2:40PM
Hackers' mental health
Mental Health Hacks: Fighting Burnout, Depression and Suicide in the Hacker Community
WEDNESDAY | 2:40PM
Advanced Sysmon techniques
Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology
WEDNESDAY | 2:40PM
BMC attacks
The Unbearable Lightness of BMC's
WEDNESDAY | 2:40PM
Threat modeling
Threat Modeling in 2018: Attacks, Impacts and Other Updates
WEDNESDAY | 2:40PM
WireGuard: cryptographic attacks and VPN
WireGuard: Next Generation Secure Network Tunnel
WEDNESDAY | 2:40PM
Exploiting the async_wake vulnerability on iOS 11
A Brief History of Mitigation: The Path to EL1 in iOS 11
WEDNESDAY | 4:00PM
The story behind the Meltdown vulnerability response
Behind the Speculative Curtain: The True Story of Fighting Meltdown and Spectre
WEDNESDAY | 4:00PM
Vulnerability research on a new web attack surface: path normalization
Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!
WEDNESDAY | 4:00PM
Industrial control gateway vulnerabilities
Breaking the IIoT: Hacking industrial Control Gateways
WEDNESDAY | 4:00PM
Injecting malicious packets into LTE networks
LTE Network Automation Under Threat
WEDNESDAY | 4:00PM
Attacks on Microsoft Cortana, used on mobile and IoT devices
Open Sesame: Picking Locks with Cortana
WEDNESDAY | 4:00PM
Go language vulnerability
Squeezing a Key through a Carry Bit
WEDNESDAY | 4:00PM
Privilege escalation vulnerability on the x86 architecture
Why so Spurious? How a Highly Error-Prone x86/x64 CPU "Feature" can be Abused to Achieve Local Privilege Escalation on Many Operating Systems
WEDNESDAY | 4:00PM
Threats to zero trust networks
ZEROing Trust: Do Zero Trust Approaches Deliver Real Security?
WEDNESDAY | 4:00PM
AFL's blind spot
AFL's Blindspot and How to Resist AFL Fuzzing for Arbitrary ELF Binaries
WEDNESDAY | 5:05PM
Attacks on the IOTA cryptocurrency
A Tangled Curl: Attacks on the Curl-P Hash Function Leading to Signature Forgeries in the IOTA Signature Scheme
WEDNESDAY | 5:05PM
KVM hypervisor security design
Back to the Future: A Radical Insecure Design of KVM on ARM
WEDNESDAY | 5:05PM
Countering decentralized, takedown-resistant blockchain domain name technology
Beating the Blockchain by Mapping Out Decentralized Namecoin and Emercoin Infrastructure
WEDNESDAY | 5:05PM
Sexual harassment incidents in the security community
How can Communities Move Forward After Incidents of Sexual Harassment or Assault?
WEDNESDAY | 5:05PM
Using the open-source tool ChipWhisperer-Lint in hardware side-channel attacks
I, for One, Welcome Our New Power Analysis Overlords
WEDNESDAY | 5:05PM
The impact of corruption on the information security community
InfoSec Philosophies for the Corrupt Economy
WEDNESDAY | 5:05PM
Whether the mafia has taken over cybercrime
Is the Mafia Taking Over Cybercrime?
WEDNESDAY | 5:05PM
Attacks on physically isolated (air-gapped) systems
The Air-Gap Jumpers
WEDNESDAY | 5:05PM
ARTist, an Android reverse-analysis tool
ARTist - A Novel Instrumentation Framework for Reversing and Analyzing Android Apps and the Middleware
THURSDAY | 9:00AM
PTSD (post-traumatic stress disorder) in cybersecurity
Demystifying PTSD in the Cybersecurity Environment
THURSDAY | 9:00AM
Research on host-based macOS firewalls
Fire & Ice: Making and Breaking macOS Firewalls
THURSDAY | 9:00AM
Forensics of WinVote voting machines
Lessons from Virginia - A Comparative Forensic Analysis of WinVote Voting Machines
THURSDAY | 9:00AM
Predicting payment fraud using online intelligence sources
Money-rity Report: Using Intelligence to Predict the Next Payment Card Fraud Victims
THURSDAY | 9:00AM
Weaknesses of deception detection technologies
Real Eyes, Realize, Real Lies: Beating Deception Technologies
THURSDAY | 9:00AM
BlackBerry's product security management experience
Stop that Release, There's a Vulnerability!
THURSDAY | 9:00AM
WebAssembly vulnerability research
The Problems and Promise of WebAssembly
THURSDAY | 9:00AM
YubiKey two-factor authentication
Two-Factor Authentication, Usable or Not? A Two-Phase Usability Study of the FIDO U2F Security Key
THURSDAY | 9:00AM
ATM attack devices
Black Box is Dead. Long Live Black Box!
THURSDAY | 9:45AM
SSO and SAML vulnerability research
Identity Theft: Attacks on SSO Systems
THURSDAY | 9:45AM
Kernel attacks
Kernel Mode Threats and Practical Defenses
THURSDAY | 9:45AM
Cybersecurity diplomacy
New Norms and Policies in Cyber-Diplomacy
THURSDAY | 9:45AM
Attacks on the VSS backup feature
Reconstruct the World from Vanished Shadow: Recovering Deleted VSS Snapshots
THURSDAY | 9:45AM
Vulnerability research on cellular devices in IoT
Snooping on Cellular Gateways and Their Critical Role in ICS
THURSDAY | 9:45AM
Hiring female cybersecurity engineers
The Science of Hiring and Retaining Female Cybersecurity Engineers
THURSDAY | 9:45AM
Attacks on Windows Notification
The Windows Notification Facility: Peeling the Onion of the Most Undocumented Kernel Attack Surface Yet
THURSDAY | 9:45AM
Crafting attacks on voice authentication
Your Voice is My Passport
THURSDAY | 9:45AM
macOS MDM security
A Deep Dive into macOS MDM (and How it can be Compromised)
THURSDAY | 11:00AM
Attacks on machine learning algorithms
AI & ML in Cyber Security - Why Algorithms are Dangerous
THURSDAY | 11:00AM
Security of stock trading
Are You Trading Stocks Securely? Exposing Security Flaws in Trading Technologies
THURSDAY | 11:00AM
Microcode security research
Decompiler Internals: Microcode
THURSDAY | 11:00AM
Detecting malicious cloud account behavior
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform Capabilities
THURSDAY | 11:00AM
Attacks on OpenPGP and S/MIME
Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels
THURSDAY | 11:00AM
Hardware backdoors in x86 processors
GOD MODE UNLOCKED - Hardware Backdoors in x86 CPUs
THURSDAY | 11:00AM
Vulnerability research on the HL7 protocol in healthcare
Pestilential Protocol: How Unsecure HL7 Messages Threaten Patient Lives
THURSDAY | 11:00AM
Mobile surveillance techniques
Stealth Mango and the Prevalence of Mobile Surveillanceware
THURSDAY | 11:00AM
Self-driving security
Applied Self-Driving Car Security
THURSDAY | 12:10PM
Attacks on video watermarking
None of My Pixel is Your Business: Active Watermarking Cancellation Against Video Streaming Service
THURSDAY | 12:10PM
Smart city vulnerability research
Outsmarting the Smart City
THURSDAY | 12:10PM
TLS 1.3 security
Playback: A TLS 1.3 Story
THURSDAY | 12:10PM
Strengthening machine learning's resistance to attacks
Protecting the Protector, Hardening Machine Learning Defenses Against Adversarial Attacks
THURSDAY | 12:10PM
Domain controller attacks
So I became a Domain Controller
THURSDAY | 12:10PM
Side-channel attacks on the TLB
TLBleed: When Protecting Your CPU Caches is Not Enough
THURSDAY | 12:10PM
WebAssembly vulnerability research
WebAssembly: A New World of Native Exploits on the Browser
THURSDAY | 12:10PM
The story of mitigating speculative vulnerabilities
Wrangling with the Ghost: An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities
THURSDAY | 12:10PM
Rowhammer, a DRAM vulnerability
Another Flip in the Row
THURSDAY | 2:30PM
Automated discovery of deserialization vulnerabilities
Automated Discovery of Deserialization Gadget Chains
THURSDAY | 2:30PM
Social engineering attack research
Catch me, Yes we can! – Pwning Social Engineers using Natural Language Processing Techniques in Real-Time
THURSDAY | 2:30PM
Smartphone baseband attacks
Exploitation of a Modern Smartphone Baseband
THURSDAY | 2:30PM
Automated exploitation (kernel)
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation for Arbitrary Types of Kernel Vulnerabilities
THURSDAY | 2:30PM
Autism Spectrum Disorder research
How can Someone with Autism Specifically Enhance the Cyber Security Workforce?
THURSDAY | 2:30PM
SATCOM security research
Last Call for SATCOM Security
THURSDAY | 2:30PM
Legal liability for IoT vulnerabilities
Legal Liability for IOT Cybersecurity Vulnerabilities
THURSDAY | 2:30PM
Windows Defender's emulator
Windows Offender: Reverse Engineering Windows Defender's Antivirus Emulator
THURSDAY | 3:50PM
mPOS vulnerability research
For the Love of Money: Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems
THURSDAY | 3:50PM
The Microsoft OSR team's Hyper-V vulnerability research
Hardening Hyper-V through Offensive Security Research
THURSDAY | 3:50PM
Comprehensive survey and analysis framework for IoT malware
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
THURSDAY | 3:50PM
Using deep learning to assist side-channel attacks
Lowering the Bar: Deep Learning for Side Channel Analysis
THURSDAY | 3:50PM
Mainframe vulnerability research
Mainframe [z/OS] Reverse Engineering and Exploit Development
THURSDAY | 3:50PM
Web cache poisoning attacks
Practical Web Cache Poisoning: Redefining 'Unexploitable'
THURSDAY | 3:50PM
Practices for building an SDL in small organizations
SDL That Won't Break the Bank
THURSDAY | 3:50PM
Attacks on radio emergency systems
SirenJack: Cracking a 'Secure' Emergency Warning Siren System
THURSDAY | 3:50PM
Vulnerability research on implanted medical devices
Understanding and Exploiting Implanted Medical Devices
THURSDAY | 3:50PM
Docker attacks
An Attacker Looks at Docker: Approaching Multi-Container Applications
THURSDAY | 5:00PM
IBM's research on the AI attack DeepLocker
DeepLocker - Concealing Targeted Attacks with AI Locksmithing
THURSDAY | 5:00PM
Fuzz testing research
Follow the White Rabbit: Simplifying Fuzz Testing Using FuzzExMachina
THURSDAY | 5:00PM
PHP unserialization vulnerability research
It's a PHP Unserialization Vulnerability Jim
THURSDAY | 5:00PM
Black Hat NOC statistics and analysis report
Lessons and Lulz: The 4th Annual Black Hat USA NOC Report
THURSDAY | 5:00PM
Keen Team's talk on attacking Tesla
Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECUs of Tesla Cars
THURSDAY | 5:00PM
TLS vulnerability analysis
Return of Bleichenbacher's Oracle Threat (ROBOT)
THURSDAY | 5:00PM
Penetration testing framework for SDN
The Finest Penetration Testing Framework for Software-Defined Networks
THURSDAY | 5:00PM
Analysis of mobile malware attack techniques
Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library
THURSDAY | 5:00PM