So here’s the first round of stuff from Black Hat and DEFCON 27. I apologize that I’m just posting links, but I haven’t had time to really digest any of these presentations, and I want to get the links up while they are still semi-timely:
- “Look, No Hands! — The Remote, Interaction-less Attack Surface of the iPhone” by Natalie Silvanovich. Slides here. Google Project Zero blog post here.
- “Bypassing the Maginot Line: Remotely Exploit the Hardware Decoder on Smartphone” by Xiling Gong and Peter Pi. White paper here. Slides here. Blog post here.
- “Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD)” by Sean Metcalf and Mark Morowczynski. Slides here.
- “Reverse Engineering WhatsApp Encryption for Chat Manipulation and More” by Roman Zaikin and Oded Vanunu. Slides here.
I think it’s still early for today’s Black Hat and DEFCON presentations. I may try to get another post up tonight.