Editor's Picks

Best Talks at DEF CON 32 Main Stage

Hand-picked from in-depth reviewer verdicts — the top 12 talks from this conference. Skip the noise, find the signal.

  1. Breaking Secure Web Gateways for Fun and Profit

    Vivek Ramachandran, Jeswin Mathai

    In "Breaking Secure Web Gateways for Fun and Profit," Vivek Ramachandran, joined by Dashita (and Jeswin Mathai in spirit), delivered a compelling and critical analysis of **Secure Web Gateways (SWGs)**, a foundational component of enterprise web security. The talk dissects the…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  2. DEF CON Closing Ceremonies & Awards

    Unknown

    The DEF CON 32 Closing Ceremonies, delivered by an unnamed but clearly central figure in the conference's organization, served as more than just a wrap-up; it was a strategic declaration of intent and a rallying cry for the global cybersecurity community. Under the overarching…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  3. Securing CCTV Cameras Against Blind Spots

    Jacob Shams

    In the realm of modern surveillance, Artificial Intelligence (AI)-powered object detectors are increasingly deployed in Closed-Circuit Television (CCTV) systems to automate threat detection and enhance security. However, this talk, "Securing CCTV Cameras Against Blind Spots" by…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  4. Sshamble Unexpected Exposures in the Secure Shell

    HD Moore, Rob King

    In "Sshamble Unexpected Exposures in the Secure Shell," HD Moore and Rob King from runZero delve into the intricate and often overlooked security landscape of the Secure Shell (SSH) protocol. Prompted by the high-profile XZ Utils backdoor (CVE-2024-3094), their research began…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  5. Splitting the email atom exploiting parsers to bypass access controls

    Gareth Heyes

    In "Splitting the Email Atom: Exploiting Parsers to Bypass Access Controls," Gareth Heyes, a prominent security researcher, delves into the often-overlooked complexities and inherent vulnerabilities within email address parsing. The talk meticulously uncovers how discrepancies…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  6. AMD Sinkclose-Universal Ring2 Privilege Escalation

    Enrique Nissim, Krzysztof Okupski

    This talk, "AMD Sinkclose-Universal Ring2 Privilege Escalation," delivered by Enrique Nissim and Krzysztof Okupski at DEF CON 32, reveals a critical architectural flaw present in AMD processors for at least 18 years. The presentation details a novel method to achieve **Ring2…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  7. The XZ Backdoor Story: The Undercover Op That Set the Internet on Fire

    Thomas Roccia

    The XZ Backdoor story represents one of the most sophisticated and alarming supply chain attacks ever uncovered, a testament to the persistent and insidious nature of modern cyber threats. Presented by Thomas Roccia, a Senior Threat Researcher at Microsoft, this talk delves…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  8. Behind Enemy Lines: Going undercover to breach LockBit Ransomware Op

    Jon DiMaggio

    In a groundbreaking talk at DEF CON 32, cybersecurity expert Jon DiMaggio of Analyst One unveiled an unprecedented methodology for infiltrating one of the world's most prolific ransomware operations: LockBit. Shifting away from traditional technical analysis, DiMaggio detailed…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  9. AWS CloudQuarry: Digging for secrets in public AMIs

    Eduard Agavriloae, Matei Josephs

    This talk, "AWS CloudQuarry: Digging for secrets in public AMIs," presented by Eduard Agavriloae and Matei Josephs, unveils a widespread security vulnerability stemming from misconfigured public Amazon Machine Images (AMIs). An **AMI** serves as a template for launching Amazon…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  10. Unsaflok: Hacking millions of hotel locks

    Lennert Wouters, Ian Carroll

    In a groundbreaking presentation at DEF CON 32, security researchers Lennert Wouters and Ian Carroll unveiled "Unsaflok," a critical vulnerability impacting millions of hotel locks manufactured by Dormakaba. Their research exposed a fundamental design flaw in the widely…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  11. Nano Enigma Uncovering the Secrets in eFuse Memories

    Michal Grygarek, Martin Petr

    In the realm of embedded system security, hardware-based protections are often considered the strongest line of defense. Among these, **eFuse memories** play a critical role, serving as one-time programmable (OTP) storage for immutable configurations such as secure boot keys…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  12. Compromising Electronic Logger & Creating Truck2Truck Worm

    Jake Jepson, Rik Chatterjee

    Jake Jepson and Rik Chatterjee, master’s students from Colorado State University, presented groundbreaking research at DEF CON 32 detailing the first known wireless drive-by attack on a heavy-duty truck. Their talk, "Compromising Electronic Logger & Creating Truck2Truck Worm,"…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★