BadTunnel: How Do I Get Big Brother Power?

Presented at Black Hat USA 2016, Aug. 4, 2016, 9 a.m. (25 minutes).

This presentation will introduce a new threat model. Based on this threat model, we found a flaw in the Windows system. It affects all Windows released in the last two decades, including Windows 10. It also has a very wide range of attacks surface. The attack can be performed on all versions of Internet Explorer, Edge, Microsoft Office, many third-party software, USB flash drives, and even Web server. When this flaw is triggered, YOU ARE BEING WATCHED. We will also show you how to defend against this threat, particularly on those systems are no longer supported by Microsoft.

Presenters:

  • Yang Yu - Tencent
    Yang Yu is Director of Xuanwu Lab of Tencent. He has more than a decade of experience researching and working in the computer security space. He has spoken at many security conferences in the past, on different topics at Blackhat, CanSecWest, HITCon, XCon, and etc. He is also a $100,000 Microsoft Mitigation Bypass bounty winner.

Links:

Similar Presentations: