SafeBreach has announced original research from its SafeBreach Labs team will be featured in three separate sessions at Black Hat Asia 2024. SafeBreach’s Vice President of Security Research Tomer Bar and fellow researchers Or Yair and Shmuel Cohen are set to release a series of high-profile research pieces following a successful year at Black Hat USA 2023 and DEFCON 2023, where the SafeBreach Labs team presented an unprecedented five sessions.
The sessions at Black Hat Asia will include several significant discoveries exploring how endpoint detection and response (EDR) solutions and unfixed, known software issues can be exploited to present a significant security risk to enterprises. Details about the sessions, including dates and times, are included below:
- MagicDot: A Hacker’s Magic Show of Disappearing Dots and Spaces – Thursday, April 18 1:30 pm – 2:10 pm: Security Research Team Lead Or Yair will explore how he was able to exploit a seemingly harmless known issue associated with the DOS-to-NT path conversion process in Microsoft Windows to discover a set of vulnerabilities—including a remote code execution (RCE) vulnerability—and rootkit-like techniques accessible to unprivileged attackers.
- The Dark Side of EDR: Repurpose EDR as an Offensive Tool – Friday, April 19 11:20 am – 12:00 pm: Security Researcher Shmuel Cohen will explore his discovery of a novel attack vector that allowed him to secretly take control of an EDR solution and bypass important security measures, like real-time prevention rules and machine learning detection modules. He will also explain how he was able to insert malicious code into the EDR itself, causing it to run very stealthy malware within the EDR process.
- EDR Reloaded: Erase Data Remotely – Friday, April 19, 1:30 pm – 2:10 pm: VP of Security Research Tomer Bar and Security Researcher Shmuel Cohen will provide an overview of their previous research originally published in August 2023, which identified a vulnerability in several EDR products that enabled remote deletion of critical files. They will highlight how they have been able to continue exploiting the vulnerability—and even achieve a generic Windows Defender bypass—despite the release of two patches.
For more information about the sessions and to connect with SafeBreach at Black Hat Asia 2024 on April 16-19, visit www.safebreach.com/events.
Related
This entry was posted on April 4, 2024 at 2:30 pm and is filed under Commentary with tags SafeBreach. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
SafeBreach Labs to Present Three Pieces of Original Research at Black Hat Asia 2024
SafeBreach has announced original research from its SafeBreach Labs team will be featured in three separate sessions at Black Hat Asia 2024. SafeBreach’s Vice President of Security Research Tomer Bar and fellow researchers Or Yair and Shmuel Cohen are set to release a series of high-profile research pieces following a successful year at Black Hat USA 2023 and DEFCON 2023, where the SafeBreach Labs team presented an unprecedented five sessions.
The sessions at Black Hat Asia will include several significant discoveries exploring how endpoint detection and response (EDR) solutions and unfixed, known software issues can be exploited to present a significant security risk to enterprises. Details about the sessions, including dates and times, are included below:
For more information about the sessions and to connect with SafeBreach at Black Hat Asia 2024 on April 16-19, visit www.safebreach.com/events.
Share this:
Like this:
Related
This entry was posted on April 4, 2024 at 2:30 pm and is filed under Commentary with tags SafeBreach. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.