Jamie Butler & Kris Kendall: Blackout: What Really Happened...
MP4•Главная эпизода
Manage episode 152211972 series 1053194
Контент предоставлен Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.. Весь контент подкастов, включая эпизоды, графику и описания подкастов, загружается и предоставляется непосредственно компанией Black Hat Briefings, USA 2007 [Video] Presentations from the security conference. или ее партнером по платформе подкастов. Если вы считаете, что кто-то использует вашу работу, защищенную авторским правом, без вашего разрешения, вы можете выполнить процедуру, описанную здесь https://ru.player.fm/legal.
Malicious software authors use code injection techniques to avoid detection, bypass host-level security controls, thwart the efforts of human analysts, and make traditional memory forensics ineffective. Often a forensic examiner or incident response analyst may not know the weaknesses of the tools they are using or the advantage the attacker has over those tools by hiding in certain locations.
This session provides a detailed exploration of code injection attacks and novel countermeasures, including:
1. The technical details of code injection starting with basic user land techniques and continuing through to the most advanced kernel injection techniques faced today.
2. Case study of captured malware that reveals how these techniques are used in real world situations.
3. Discussion of current memory forensic strengths and weaknesses.
4. New memory forensic analysis techniques for determining if a potential victim machine has been infected via code injection.
5. Post acquisition analysis.
…
continue reading
This session provides a detailed exploration of code injection attacks and novel countermeasures, including:
1. The technical details of code injection starting with basic user land techniques and continuing through to the most advanced kernel injection techniques faced today.
2. Case study of captured malware that reveals how these techniques are used in real world situations.
3. Discussion of current memory forensic strengths and weaknesses.
4. New memory forensic analysis techniques for determining if a potential victim machine has been infected via code injection.
5. Post acquisition analysis.
89 эпизодов