Skip to main content

We will keep fighting for all libraries - stand with us!

#HITB2013AMS D1T1 P Uhley and K Raman - Security Response in the Age of Mass Customized Attacks

Movies Preview

movies

#HITB2013AMS D1T1 P Uhley and K Raman - Security Response in the Age of Mass Customized Attacks

by
Hack In The Box Security Conference

Publication date
Topics
Youtube, video, Science & Technology, vulnerability, sandboxing, pdf, malware, hackinthebox, karthik raman, adobe ssec, raman, security response, peleus uhley, exploit, hitbsecconf, obfuscation, adobe pdf, hackers, adobe, customized attacks, Amsterdam, flash player, uhley, ssec, security, adobe flash, hitb, flash, Hitb2013ams, 0day, attacks,
PRESENTATION MATERIALS: http://conference.hitb.org/hitbsecconf2013ams/materials/ PRESENTATION ABSTRACT: The goal of mass malware is to successfully run on as many different platforms and applications as possible. The goal of 0-day malware is to exploit a narrow set of hosts. In recent 0-day attacks against Adobe Flash Player and Adobe Reader, we have observed exploits combining the features of mass malware -- obfuscation and complexity -- with the quality that makes up a successful 0-day exploit: one or more heretofore unpatched vulnerabilities in an application. In this talk we will discuss Adobe's response to such attacks that use "mass-customized" malware. We will detail the features that herald these attacks as the start of a new trend of exploitation, using four recent 0-day vulnerabilities as case studies. We will reflect on the relative success of sandboxing in context of these attacks and in addition, we will explain how we adapted our security response strategies to meet this new trend of exploitation. ABOUT PELEUS UHLEY Peleus Uhley is the Platform Security Strategist within Adobe's Secure Software Engineering Team (ASSET). His primary focus is advancing Adobe's Secure Product Lifecycle (SPLC) and assisting with incident response within Adobe platform technologies, including Flash Player, ColdFusion and AIR. Prior to joining Adobe, Peleus started in the security industry as a developer for Anonymizer, Inc., and went on to be a security consultant for @stake and Symantec. ABOUT KARTHIK RAMAN Karthik Raman is a security researcher on the Adobe Secure Software Engineering Team (ASSET), where he focuses on vulnerability analysis and technical collaboration with industry partners. Before joining Adobe, Karthik was a research scientist at McAfee Labs, where he worked on threat analysis, building automation systems, malware analysis, and developing advanced antimalware technology. Karthik holds a Master of Science degree in Computer Science from UC Irvine and Bachelor of Science degrees in Computer Science and Computer Security from Norwich University.

Source: https://www.youtube.com/watch?v=_mr_7DmCSjw
Uploader: Hack In The Box Security Conference
Addeddate
2019-05-15 08:04:38
Identifier
youtube-_mr_7DmCSjw
Originalurl
https://www.youtube.com/watch?v=_mr_7DmCSjw
Scanner
Internet Archive Python library 1.8.4
Year
2013

plus-circle Add Review
comment
Reviews

There are no reviews yet. Be the first one to write a review.

33 Views

DOWNLOAD OPTIONS

download 1 file
ITEM TILE download
download 1 file
JPEG download
download 1 file
MPEG4 download
download 1 file
OGG VIDEO download
download 1 file
TEXT download
download 1 file
TORRENT download
download 1 file
WEB VIDEO TEXT TRACKS download
download 76 Files
download 12 Original
SHOW ALL

IN COLLECTIONS

Hack In The Box Security Conference Hacker Conferences

Uploaded by narabot on

SIMILAR ITEMS (based on metadata)

Terms of Service (last updated 12/31/2014)