Alex Wheeler and Neel Mehta: Owning Anti-Virus: Weaknesses in a Critical Security Component

Black Hat Briefings, Las Vegas 2005 [Audio] Presentations from the security conference

コンテンツは Black Hat / CMP and Jeff Moss によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャストコンテンツは、Black Hat / CMP and Jeff Moss またはそのポッドキャストプラットフォームパートナーによって直接アップロードされ、提供されます。誰かがあなたの著作物をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。

18+ y ago 1:05:10

MP3•エピソードのホーム

AV software is becoming extremely popular because of the its percieved protection. Even the average person is aware they want AV on their computer (see AOL, Netscape, Netzero, Earthlink, and other ISP television ads). What if: Instead of protecting ppl from hackers AV software was actually making it easier for hackers? This talk will outline general binary auditing techniques using AV software as an example, and demonstrate examples of remote AV vulnerabilities discovered using those techniques. Alex Wheeler is a security researcher, who specializes in reversing engineering binaries for security vulnerabilities. His research experience was cultivated during his time with ISS X-Force, which he spent auditing critical network applications and technologies for security vulnerabilities. Alex's recent audit focus on AV products has lead to the discovery of serious systemic and point vulnerabilities in many major AV products. Neel Mehta works as an application vulnerability researcher at ISS X-Force, and like many other security researchers comes from a reverse-engineering background. His reverse engineering experience was cultivated through extensive consulting work in the copy protection field, and has more recently been focused on application security. Neel has done extensive research into binary and source-code auditing, and has applied this knowledge to find many vulnerabilities in critical and widely deployed network applications.

61 つのエピソード