Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Monday, February 29 • 10:00am - 10:55am
Sedating the Watchdog: Abusing Security Products to Bypass Windows Protections

Sign up or log in to save this to your schedule and see who's attending!

A few months ago, we came across a critical vulnerability in a popular security product that could act as a vehicle for a threat actor to bypass the protections of the underlying Windows system. This was only the tip of the iceberg.A deeper research revealed this issue to be present in a multitude of common Anti-Virus (AV) products. This was not something to ignore. In fact, we can assume that apart from AV products, other security products such as Data Loss Prevention (DLP) and other intrusive non-security related products such as app-performance solutions, may potentially rely on this malpractice.Making matters worse, we found a second malpractice in intrusive products which simplifies the process for threat actors to run their exploits.During the following few months we notified popular vendors and collaborated with them on a solution. In a coordinated effort, various vendors have fixed their products and released the necessary patches. In this talk we reveal a detailed description of the vulnerability and its impact. Additionally, we release a tool that the audience can use to validate whether their systems are now secure from this vulnerability.

Speakers
TB

Tomer Bitton

Tomer Bitton has more than 12 years of experience in security research. Tomer focuses on original research such as malware reversing, hostile code and extreme packers. In his prior role, Tomer served as a low-level security researcher at the National Electronic Warfare Research & Simulation Center of Rafael Advanced Defense Systems. There, he won excellence and innovation awards for complex security projects. Before that, Tomer managed the... Read More →
avatar for Udi Yavo

Udi Yavo

CTO, enSilo
Udi Yavo has more than 15 years of experience in security with a proven track record in leading cutting edge cyber-security R&D projects. Prior to enSilo, Udi spearheaded the direction of the cyber-security unit at the National Electronic Warfare Research & Simulation Center of Rafael Advanced Defense System and served as its CTO. Additionally, he developed and led Rafael’s cyber training programs. Udi’s achievements at Rafael have been... Read More →


Monday February 29, 2016 10:00am - 10:55am
DNA Lounge 375 11th St, San Francisco, CA 94103

Attendees (19)