BLACK HAT 2024 EU
Wednesday | 8:00am
Briefings Breakfast
Track
:
Location
: Briefings Corridor, Level 3
Wednesday | 9:00am
Keynote: Frédérick Douzet
Speaker:
Frédérick Douzet
Track
: Keynote
Format
: 60-Minute Keynote
Location
: ICC Capital Suites 7&12, Level 3
Wednesday | 10:20am
AML Injection Attacks on Confidential VMs
Speaker:
Satoru Takekoshi
,
Speaker:
Manami Mori
,
Contributor:
Takaaki Fukai
,
Contributor:
Takahiro Shinagawa
Tracks
: Cloud Security, Platform Security
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
Apple Disk-O Party
Speaker:
Csaba Fitzl
Tracks
: Exploit Development & Vulnerability Discovery, Reverse Engineering
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
From Pass-the-Hash to Code Execution on Schneider Electric M340 PLCs
Speaker:
Amir Zaltzman
,
Speaker:
Avishai Wool
Tracks
: Cyber-Physical Systems & IoT, Hardware / Embedded
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
How the Internet Dodged a Bullet: The KeyTrap Denial-of-Service Attacks against DNSSEC
Speaker:
Elias Heftrig
,
Speaker:
Niklas Vogel
,
Contributor:
Haya Schulmann
,
Contributor:
Michael Waidner
Tracks
: Network Security, Cryptography
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Wednesday | 11:00am
Briefings Morning Coffee Service
Track
:
Location
: Briefings Corridor, Level 3
Wednesday | 11:20am
Improving Side-Channel Protections for Intel TDX
Speaker:
Scott Constable
,
Speaker:
Nagaraju Kodalapura
,
Contributor:
Baruch Chaikin
Tracks
: Defense, Hardware / Embedded
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
Redefining the Origin of Secrecy in a Post-Quantum World
Speaker:
Frey Wilson
Track
: Cryptography
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
The Double (AI) Agent: Flipping a GenAI Agent Behavior from Serving an Application to Attacking it using Promptwares
Speaker:
Ben Nassi
,
Speaker:
Stav Cohen
,
Contributor:
Ron Bitton
Tracks
: AI, ML, & Data Science, Malware
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
WorstFit: Unveiling Hidden Transformers in Windows ANSI!
Speaker:
Orange Tsai
,
Speaker:
Splitline Huang
Tracks
: Application Security: Offense, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
Wednesday | 12:00pm
Briefings Lunch
Track
:
Location
: North Halls N22-N23 (Access via ICC Capital Halls), Level 0
Wednesday | 12:15pm
Main Stage: Understanding and Reducing Supply Chain and Software Vulnerability Risks
Speaker:
Danny Jenkins
Track
: Keynote
Format
: 25-Minute Keynote
Location
: ICC Capital Suites 7&12, Level 3
Wednesday | 1:30pm
Breaking Matter: Vulnerabilities in the Matter Protocol
Speaker:
Bela Genge
,
Contributor:
Ioan Padurean
Tracks
: Cyber-Physical Systems & IoT, Network Security
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
Diving into Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer Driver
Speaker:
ZeSen Ye
,
Speaker:
Zhiniang Peng
Tracks
: Platform Security, Reverse Engineering
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
LLMbotomy: Shutting the Trojan Backdoors
Speaker:
Tamás Vörös
Tracks
: AI, ML, & Data Science, Application Security: Defense
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
Security analysis of Residential Gateways and ISPs: global network domination is (sneakily) possible
Speaker:
Ta-Lun Yen
Tracks
: Network Security, Hardware / Embedded
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Wednesday | 2:30pm
Operation MIDAS - Tracking Fraudulent Financial Program Organizations
Speaker:
Sung-Wook Jang
,
Speaker:
Yong-Hyun Kim
Tracks
: Threat Hunting & Incident Response, Defense
Format
: 30-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
SysBumps: Exploiting Speculative Execution in System Calls for Breaking KASLR in macOS for Apple Silicon
Speaker:
Hyerean Jang
,
Contributor:
Youngjoo Shin
,
Contributor:
Taehun Kim
Tracks
: Exploit Development & Vulnerability Discovery, Platform Security
Format
: 30-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
The CVSS Deception: How We've Been Misled on Vulnerability Severity
Speaker:
Ankur Sand
,
Speaker:
Syed Islam
,
Contributor:
Michael Davis
,
Contributor:
Joshua Tigges
,
Contributor:
Marty Grant
,
Contributor:
Rusty Clark
Tracks
: Defense, Enterprise Security
Format
: 30-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
Vulnerabilities in the eSIM download protocol
Speaker:
Abu Shohel Ahmed
,
Speaker:
Tuomas Aura
Tracks
: Mobile, Network Security
Format
: 30-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Wednesday | 3:00pm
Briefings Afternoon Coffee Service
Track
:
Location
: Briefings Corridor, Level 3
Wednesday | 3:20pm
SpAIware & More: Advanced Prompt Injection Exploits in LLM Applications
Speaker:
Johann Rehberger
Tracks
: AI, ML, & Data Science, Application Security: Offense
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea Threat Actors, Tactics, and Defense Strategies
Contributor:
Kristina Balaam
,
Speaker:
Kyle Schmittle
,
Speaker:
Alemdar Islamoglu
Tracks
: Malware, Mobile
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Unveiling the Power of Intune: Leveraging Intune for Breaking Into Your Cloud and On-Premise
Speaker:
Yuya Chudo
Tracks
: Cloud Security, Malware
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
When (Remote) Shells Fall Into The Same Hole: Rooting DrayTek Routers Before Attackers Can Do It Again
Speaker:
Stanislav Dashevskyi
,
Speaker:
Francesco La Spina
Tracks
: Network Security, Cyber-Physical Systems & IoT
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
Wednesday | 4:20pm
A Novel Attack Surface: Java Authentication and Authorization Service (JAAS)
Speaker:
ZiYang Li
,
Speaker:
Ji'an Zhou
,
Speaker:
Ying Zhu
Tracks
: Application Security: Offense, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
Exposing the dark corners of SAP: 4-Years of Threat Intelligence data analyzed
Speaker:
Yvan Genuer
Tracks
: Enterprise Security, Threat Hunting & Incident Response
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Heartbeat Havoc: Unveiling Remote Vulnerabilities in Windows Network Load Balancing
Speaker:
b2ahex .
,
Speaker:
Yifen Ma
,
Contributor:
Greenbamboo C
,
Contributor:
Haotian Jiang
Tracks
: Network Security, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
The Bugs in Your Bootloaders: Embedded Device Secure Boot Fails and How to Fix Them
Speaker:
Henrik Ferdinand Nölscher
Tracks
: Enterprise Security, Platform Security
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
Thursday | 8:00am
Briefings Breakfast
Track
:
Location
: Briefings Corridor, Level 3
Thursday | 9:00am
Keynote: Fighting Cybercrime in 2024
Speaker:
Eric Freyssinet
Track
: Keynote
Format
: 60-Minute Keynote
Location
: ICC Capital Suites 7&12, Level 3
Thursday | 10:20am
Defending off the land: Agentless defenses available today
Speaker:
Jacob Torrey
,
Speaker:
Marco Slaviero
Tracks
: Defense, Platform Security
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
Mind the Data Gap: Privacy Challenges in Autonomous AI Agents
Speaker:
Narayana Pappu
,
Speaker:
Rubens Zimbres
Tracks
: Privacy, AI, ML, & Data Science
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
My other ClassLoader is your ClassLoader: Creating evil twin instances of a class
Speaker:
Dimitrios Valsamaras
Tracks
: Mobile, Exploit Development & Vulnerability Discovery
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
Over the Air: Compromise of Modern Volkswagen Group Vehicles
Speaker:
Danila Parnishchev
,
Speaker:
Artem Ivachev
,
Speaker:
Mikhail Evdokimov
,
Contributor:
Aleksei Stennikov
,
Contributor:
Polina Smirnova
,
Contributor:
Radu Motspan
Tracks
: Hardware / Embedded, Cyber-Physical Systems & IoT
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Thursday | 11:00am
Briefings Morning Coffee Service
Track
:
Location
: Briefings Corridor, Level 3
Thursday | 11:20am
Is Your Memory Protected? Uncovering Hidden Vulnerabilities in Automotive MPU Mechanisms
Speaker:
Nimrod Stoler
,
Speaker:
David Lazar
Tracks
: Hardware / Embedded, Cyber-Physical Systems & IoT
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Reasonable Regs vs Red Tape: How Should Governments Tackle the Cyber Intrusion Market
Speaker:
Benjamin Walden
Track
: Policy
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
The Devil is in the (Micro-) Architectures: Uncovering New Side-Channel and Bit-Flip Attack Surfaces in DNN Executables
Speaker:
Yanzuo Chen
,
Speaker:
Zhibo Liu
,
Contributor:
Yuanyuan Yuan
,
Contributor:
Tianxiang Li
,
Contributor:
Sihang Hu
,
Contributor:
Zhihui Lin
,
Contributor:
Shuai Wang.
Track
: AI, ML, & Data Science
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
The Insecure IoT Cloud Strikes Again: RCE on all Ruijie Cloud-Connected Devices
Speaker:
Noam Moshe
,
Speaker:
Tomer Goldschmidt
Tracks
: Cyber-Physical Systems & IoT, Cloud Security
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
Thursday | 12:00pm
Briefings Lunch
Track
:
Location
: North Halls N22-N23 (Access via ICC Capital Halls), Level 0
Thursday | 1:30pm
CodeCloak: A DRL-Based Method for Mitigating Code Leakage by LLM Code Assistants
Speaker:
Amit Finkman
,
Contributor:
Avishag Shapira
,
Contributor:
Eden Bar Kochva
,
Contributor:
Asaf Shabtai
,
Contributor:
Yuval Elovici
,
Contributor:
Inbar Maimon
,
Contributor:
Dudu Mimran
Track
: AI, ML, & Data Science
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
Guest Revolution: Chaining 3-bugs to compromise the Windows kernel from the VMware guest
Speaker:
Junoh Lee
,
Speaker:
Gwangun Jung
Tracks
: Exploit Development & Vulnerability Discovery, Application Security: Offense
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
Infusing AI in Cybersecurity: The Times They Are AI-Changin'
Speaker:
Eduardo Barbaro
,
Speaker:
Roberto Moratore
,
Contributor:
Ignjat Pejic
,
Contributor:
Alessandro Giordani
,
Contributor:
Arlindo Trindade
Tracks
: Defense, AI, ML, & Data Science
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
WiFi Calling: Revealing Downgrade Attacks and Not-so-private private Keys
Speaker:
Adrian Dabrowski
,
Speaker:
Gabriel Gegenhuber
,
Contributor:
Florian Holzbauer
,
Contributor:
Philipp É. Frenzel
Tracks
: Mobile, Network Security
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Thursday | 2:30pm
Blast-RADIUS: Breaking RADIUS, the de facto standard protocol for authentication, authorization, and accounting for networked devices
Speaker:
Miro Haller
Tracks
: Cryptography, Network Security
Format
: 30-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
Is JavaScript Trustworthy in Cloud Computing?
Speaker:
Zong Cao
,
Speaker:
Qian Zhu
,
Contributor:
Hongkun Chen
,
Contributor:
Yang Liu
,
Contributor:
Xiu Zhang
Tracks
: Cloud Security, AI, ML, & Data Science
Format
: 30-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Parse Me, Baby, One More Time: Bypassing HTML Sanitizer via Parsing Differentials
Speaker:
David Klein
Tracks
: Application Security: Offense, Exploit Development & Vulnerability Discovery
Format
: 30-Minute Briefings
Location
: ICC Capital Suite 4, Level 3
UNC1860 and The Temple of Oats - Iran's hidden hand in Middle Eastern Networks
Speaker:
Stav shulman
Tracks
: Threat Hunting & Incident Response, Malware
Format
: 30-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
Thursday | 3:00pm
Briefings Afternoon Coffee Service
Track
:
Location
: Briefings Corridor, Level 3
Thursday | 3:20pm
Decoding EM-FI Attacks: Lessons Learned from Glitching the GigaDevice GD32F407
Speaker:
Jonathan Andersson
,
Speaker:
Thanos Kaliyanakis
Tracks
: Reverse Engineering, Hardware / Embedded
Format
: 40-Minute Briefings
Location
: ICC Capital Suite 14, Level 3
Enhancing Automatic Vulnerability Discovery for Windows RPC/COM in New Ways
Speaker:
R4nger .
,
Speaker:
Fangming Gu
,
Speaker:
Zhiniang Peng
Tracks
: Exploit Development & Vulnerability Discovery, Reverse Engineering
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 9&10, Level 3
The Black Hat Europe Network Operations Center (NOC) Report
Speaker:
Neil Wyler
,
Speaker:
Bart Stump
Tracks
: Network Security, Application Security: Defense
Format
: 40-Minute Briefings
Location
: ICC Capital Suites 7&12, Level 3
Thursday | 4:20pm
Locknote: Conclusions and Key Takeaways from Black Hat Europe 2024
Moderator:
Jeff Moss
,
Panelist:
Stefano Zanero
,
Panelist:
James Forshaw
,
Panelist:
Meadow Ellis
,
Panelist:
Vandana Verma
Track
: Keynote
Format
: 40-Minute Keynote
Location
: ICC Capital Suites 7&12, Level 3