James Holland from the Office of the CTO at Palo Alto Networks shares insights from having attended around 14 Black Hat events, focusing on proactive threat detection and zero-day threat analysis. Learn how network operations centers identify emerging threats without relying on specific CVE knowledge, how firewalls provide critical visibility for zero-day attacks, and the essential role of XDR and EDR platforms in incident response and timeline reconstruction.
Discover how Black Hat research enables security teams to build protection for entire classes of exploit techniques rather than chasing individual vulnerabilities. This community-driven approach helps the cybersecurity industry strengthen defenses against threat actors worldwide through shared knowledge and broader security strategies.
source https://www.youtube.com/shorts/o8ojdgF3YjM
The Cyber Stream
Latest News for Cyber Security & Technology
Monday, 22 June 2026
Black Hat Europe 2025 | Taking Over Your Amazon Account With A Kindle
Amazon's Kindle is the most popular e-reader on the market, with an extensive ecosystem of e-books. From a security perspective, Kindle devices especially stand out because they are often linked to an Amazon account.
Their complex software stack supports numerous e-book file formats (AZW, MOBI, PDF...), as well as many underlying media formats that increase the attack surface. As such, downloading an e-book from the store may allow an attacker to gain root access to the device, take control of the Amazon account, and steal credit card information.
In this talk, we will dive into the internals of Kindle devices and discuss a $20,000 bug in the parsing of Audible audiobooks which allowed us to take full control of the e-reader. We will also share general insights on fuzzing file formats based on the MPEG-4 standard (ISOBMFF).
By: Valentino Ricotta | Security Researcher, Thales
https://ift.tt/YxPg8G5
source https://www.youtube.com/watch?v=YslYzj5f2es
Sunday, 21 June 2026
Black Hat Europe 2025 | Ghosts in the Stream: Exposing Lives and Devices Behind Encrypted Doors
Strong encryption has infiltrated even the most basic battery-powered Internet of Things (IoT) gadgets. Thanks to the latest technological breakthroughs and standard developments – such as the Matter IoT standard – these tiny devices are now generating ephemeral Diffie-Hellman keys for every session, signing and encrypting messages, juggling certificate chains, and more. It sounds like IoT users can finally kick back, convinced their privacy is locked down. But not so fast. As this talk reveals, the rigid message structure of Matter traffic leaves it wide open to pattern-based snooping. Passive analysis can unmask exactly what devices lurk in a smart home and pinpoint user actions. Our data, pulled from a real-world office setup at Bitdefender in Targu Mures, Romania, shows that a few traces of encrypted traffic are all it takes to identify sensors, actuators, door locks, and lamps. We could even track user movements: smart plugs toggling, locks clicking, lamps changing color. The kicker? Simple statistical techniques are enough to crack user behavior, all from encrypted traffic. With such analytical tools, it becomes possible to systematically reconstruct and reveal the daily routines of individual home users, as well as to uncover privacy-sensitive behaviors in organizational contexts, such as those of office employees working remotely in various environments.
The talk also dives into why fixing this could be a real headache, since Matter's session protocol introduced versioning only starting with Matter version 1.3. The talk will take a deep dive into why these protocol design choices matter and why future standards should prioritize such aspects.
By:
Kristopher Schlett | Master's student, Eindhoven University of Technology
Bela Genge | Senior Security Researcher, Bitdefender
Ioan Padurean | Junior Security Researcher, Bitdefender
Savio Sciancalepore | Senior Assistant Professor, Technische Universiteit Eindhoven (TU/e), Department of Mathematics and Computer Science (M&CS)
https://ift.tt/0e1TQfL
source https://www.youtube.com/watch?v=1I8xo-tjJSs
Black Hat Europe 2025 | Offensive Testing Of HarmonyOS NEXT Applications With Harm0nyz3r & DVHA
HarmonyOS NEXT marks Huawei's transition to a fully independent operating system, powering a growing ecosystem of mobile devices and applications. While adoption is accelerating, public research into its security architecture, and its implications for app developers and end users, remains minimal.
This talk presents the results of a security assessment of HarmonyOS NEXT and its application ecosystem, combining a custom-built testing framework (Harm0nyz3r) with a purposely vulnerable application (Damn Vulnerable HarmonyOS Application – DVHA). Harm0nyz3r, inspired by Android security tools like Drozer, enables researchers to enumerate and interact with app IPC endpoints, fuzz abilities, and invoke hidden or restricted components. DVHA serves as a realistic playground, containing vulnerabilities such as insecure logging, hardcoded credentials, insecure data storage, SQL injection, command injection, and access control bypasses.
We will walk through methodology, exploitation workflows, and real-world findings, including challenges posed by HarmonyOS NEXT's unique security model and differences from Android. Live demonstrations will show how Harm0nyz3r maps an application's attack surface, crafts malicious payloads, and successfully exploits vulnerabilities in DVHA — with clear takeaways for vulnerability discovery in production apps.
Attendees will leave with a practical understanding of HarmonyOS NEXT app security, new offensive testing techniques for this emerging platform, and an appreciation of why mobile security research must expand beyond Android and iOS to address the next wave of global devices.
By: Jorge Wallace | Cybersecurity Technical Leader, DEKRA
https://ift.tt/UDduJcN
source https://www.youtube.com/watch?v=4xfSTNgy8UE
Saturday, 20 June 2026
Black Hat Europe 2025 | Pickle Exploitation Techniques And Their Detection Using SaferPickle
Python's pickle format is a security minefield, yet it remains a cornerstone of modern AI/ML and data science workflows. While its dangers are well-known, the effectiveness of existing open-source scanners against sophisticated attacks has remained largely unexamined.
In this talk we introduce five novel bypass techniques to defeat popular open-source scanners like Fickling, Modelscan and Picklescan. We will demonstrate how these tools can be tricked into classifying overtly malicious pickles as safe.
To combat these threats, we propose SaferPickle, a new open-source library. This library enhances the pickle format's security at runtime through transparent hardening. We will present its robust, multi-layered scanning engine, which integrates behavioral analysis, direct opcode inspection, and an intelligent module resolution system capable of securely reconstructing malicious calls from fragmented code.
Finally, we'll share our journey of deploying SaferPickle to protect ML workloads at Google and integrating it as the first-ever pickle scanner in VirusTotal. Attendees will leave with knowledge of bypass techniques, a new open-source tool and experience of how to harden the ML supply chain against one of its most persistent threats.
By:
George Litvinov | Security Engineer, Google
Andrew Johnston | Senior Security Engineer, Google
https://ift.tt/rmJUbLh
source https://www.youtube.com/watch?v=hWc1P_yYrkY
Black Hat Europe 2025 | Habemus Securitas - Exploring Apple's Hidden Territories
With the Secure Page Table Monitor (SPTM) and Exclaves, Apple has introduced a broad spectrum of new memory protection mechanisms over the past few years, realized through their Guarded Execution Feature (GXF). Currently, there is little public discussion on piecing these mechanisms together and exploring the broader implications of XNU compartmentalization.
In this talk, we will delve into the inner workings of SPTM, exploring how its services are utilized by XNU and other secure world clients, namely the Secure Kernel (SK), Trusted Execution Monitor (TXM), and Exclaves, and the contributions they make to system and memory security. To achieve this, we analyze the underlying SPTM functionality, with a focus on memory frame typing, page mapping, and the implemented rulesets governing iOS memory mapping across newly introduced SPTM security domains.
By: Moritz Steffin | Master's Student, Hasso Plattner Institute, University of Potsdam
https://ift.tt/RphTtXI
source https://www.youtube.com/watch?v=rQnu_0aPQY0
Friday, 19 June 2026
Black Hat Europe 2025 | Low-Cost Memory Interposer Attacks On Confidential Computing
As cloud computing adoption grows, so do concerns about trust and data privacy. Confidential computing, powered by innovative hardware technologies like Intel SGX and AMD SEV, promises strong isolation and transparent memory encryption to protect against privileged attackers and physical threats such as bus snooping and cold boot attacks. In this talk we present a custom, low-cost (50 dollar) DDR4 interposer that dynamically manipulates memory address lines to create adversarial aliases, tricking the processor into granting unauthorized access to encrypted memory. Crucially, our interposer operates at runtime, allowing it to bypass recent boot-time firmware mitigations deployed by Intel and AMD in response to our earlier software-based "BadRAM" memory aliasing attacks.
Using our novel interposer, we undermine trust in both the Intel SGX and AMD SEV ecosystems. We demonstrate the first successful attack on Intel's Scalable SGX single-key memory domain, enabling arbitrary plaintext read/write access and extraction of SGX's platform provisioning key used for remote attestation. Additionally, we achieve full attestation bypasses on up-to-date AMD SEV-SNP systems despite the latest firmware defenses, allowing us to forge attestation reports and implant persistent backdoors in SEV-protected virtual machines.
In the broader context, our results challenge fundamental assumptions about encrypted memory security guarantees and expose critical flaws in the performance-security trade-offs of today's confidential cloud computing systems.
By:
Jesse De Meulemeester | PhD researcher, COSIC, KU Leuven
Jo Van Bulck | Prof., DistriNet, KU Leuven
David Oswald | Prof., Durham University
https://ift.tt/cCXioZJ
source https://www.youtube.com/watch?v=AyJqRmIBHKk
Black Hat Europe 2025 | The Fragile Lock: Novel Bypasses For SAML Authentication
SAML2 has been the backbone of enterprise single sign-on for over 20 years. Behind its familiar facade lies a chaotic mix of legacy specifications, fragile XML processing, and false assurances of security. Despite endless patches and best practices, the protocol continues to collapse under the weight of its own complexity.
In this talk, I will show you how to bypass authentication using subtle flaws in XML handling. I will introduce several previously unpublished techniques that enable the crafting of reliable, stealthy exploits against SAML implementations that appear secure on the surface.
I will also release an open-source toolkit designed to identify and exploit these vulnerabilities in real-world SAML deployments.
It is time to stop patching the unpatchable and start questioning the protocol itself.
By: Zak Fedotkin | Researcher, PortSwigger
https://ift.tt/D4o6VIw
source https://www.youtube.com/watch?v=o5KpYzbQYG0
Thursday, 18 June 2026
Black Hat Europe 2025 | Why We Can't Retrofit Old Security Principles Onto AI Agents
Traditional security relies on axioms like separating code from data, but LLM-based agents blur these lines by treating user prompts and untrusted external content as identical semantic inputs. Dr. Ilia Shumailov argues that current defenses are fundamentally flawed: adaptive attacks bypass standard guardrails with over 90% success, and existing red-teaming incentives often perpetuate vulnerabilities rather than fixing them. This session presents a breakthrough alternative—deployment architectures that fix prompt injections by design and scale to support complex Web and Computer Use Agents. Discover how to move beyond fragile detection models toward systems with provable security against control-flow injections and verifiable security against data-flow attacks for the next generation of autonomous agents.
By: Ilia Shumailov | PhD in Computer Science from the University of Cambridge
https://ift.tt/t9mGWCQ
source https://www.youtube.com/watch?v=HGCwYIUgoKc
Black Hat Intercepted | Mike Spicer, Black Hat NOC Lead
Meet Mike Spicer (aka DarkMatter), a NOC lead at Black Hat, who reveals how the team detected and tracked down a compromised attendee during the conference.
When a device connected to the network and started communicating with a known malicious source, an alert was triggered among hundreds of thousands of events. The team conducted a deep dive analysis, examining packet types and communication patterns to identify the threat actor through behavioral analysis. Using open-source intelligence techniques, the team fingerprinted the network communication, pieced together the digital breadcrumbs, and matched the activity to a registered attendee. The team successfully made contact to help secure the compromised device.
source https://www.youtube.com/shorts/ddpZoTcvGmQ
Black Hat Europe 2025 | Understanding Trends & Patterns In Insider Threat: Analysis Of 1,000+ Cases
This session examines the world of malicious insider threat by identifying the trends and patterns of the Tactics, Techniques, and Procedures (TTPs) observed in over 1,000 cases. Rather than focus on attitudinal surveys or anecdotal data, this session will explore the TTPs used by malicious insiders which are most valuable to digital forensic examiners and incident responders.
By: Michael Robinson | Senior Security Analyst, Google
https://ift.tt/bNAYdWc
source https://www.youtube.com/watch?v=-ueCcEdDjOM