Black Hat USA 2014 hosted over 9,000 attendees in Las Vegas last week and featured 110 highly informative briefings.
Don't fret if you missed it: Some of BHUSA's best talks have now been uploaded to YouTube.
In addition, Black Hat has been busy collecting as many white papers and presentation materials as they can get from all 180 presenters, and you can find links to everything currently available on the BHUSA 2014 Archives page.
As a bonus, dozens of Black Hat Asia 2014's videos were also quietly added (in full) to the BH official YouTube channel.
Not sure where to start? Let us be your humble, delighted guide with our shortlist below.
Keynote: Cybersecurity as Realpolitik
It was strongly praised and strongly criticized -- but everyone agrees that CIA security chief Dan Geer's keynote was
Decide for yourself and watch the Cybersecurity as Realpolitik video, or read the transcript in full here.
Talk: BadUSB: On Accessories That Turn Evil
Yes, that innocuous-seeming little USB stick is one of the enterprise's newest threats. Karsten Nohl and Jakob Lell's presentation was among the most talked-about briefings at the conference.
You can watch BadUSB - On Accessories that Turn Evil on YouTube. Their talk introduced a new form of malware that operates from controller chips inside USB devices.
Talk: Cellular Exploitation on a Global Scale: The Rise and Fall of the Control Protocol
In the arena of mobile threats, we were excited about Mathew Solnik and Marc Blanchou's talk, and they didn't disappoint.
Watch Cellular Exploitation on a Global Scale: The Rise and Fall of the Control Protocol for a sobering look at what they found reverse-engineering and deconstructing these hidden controls.
The presentation .pdf slides for Android FakeID Vulnerability Walkthrough
Talk: Mission mPOSsible
We don't need another Target hack to tell us that payment system threats are no laughing matter, no matter what the target's name is.
Eagerly awaited and packed with information, Nils and Jon Butler's Mission mPOSsible talk on YouTube should be watched by anyone with chip-and-pin payments in any link of their business chain.
The presentation .pdf slides for A Journey to Protect Points of Sale
Talk: SATCOM Terminals: Hacking by Air, Sea and Land
Ruben Santamarta's briefing showcased the threat arena for Satellite Communications (SATCOM) and how communications equipment used on airplanes and ships can be abused with something as simple as an SMS.
We'd consider the SATCOM Terminals: Hacking by Air, Sea, and Land video to be especially important to include in shipping security tactical considerations and their solutions.
See also: Santamarta's SATCOM Hacking whitepaper and presentation slides.
Talk: Breaking the Security of Physical Devices
Australian researcher Silvio Cesare examines common devices such as home alarm systems and shows how to unlock them.
The most discussed part of the Breaking the Security of Physical Devices video starts at around 33:00, where he demonstrates how he spoofed a wireless car key fob to unlock his car without the key -- more than once.
Talk: Bringing Software Defined Radio to the Penetration Testing Community
In the video of Bringing Software Defined Radio to the Penetration Testing Community, the researchers make a serious case that pentesters need to expand any wireless testing they're already doing, and they also provide a toolset for pentesters who don't know wireless pentesting in depth but want to add it to their arsenal. If this intrigues you, don't miss the .pdf of their presentation slides and downloadable toolkit.
The .pdf presentation slides for Hacking the Wireless World With Software Defined Radio - 2.0
FYI: All Black Hat USA 2014 and DEFCON 22 talks can be ordered here.