Presented at DEF CON 17 (2009), Aug. 1, 2009, 7 p.m. (50 minutes).
Software updates apply patches or introduce new features to an application. In most cases, the update procedure is conducted in an insecure manner, exposing the updater to execution of malicious code or to manipulation of application data such as anti-virus signatures.
This presentation will describe in detail different application-update procedures. It will then demonstrate several techniques of update-exploitation attacks, and introduce a new tool, which leverages a man-in-the-middle technique, to build and inject a fake update reply or hijack an on-going update session.
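The abstract's core point is that an updater which trusts whatever the network hands it can be fed a fake update reply or have a genuine session hijacked. The following Go program is an added example, not code from the talk or from the tool it introduces, showing the client-side gate a defender would want before any update payload is executed or written into application data. It assumes a simple JSON manifest layout, an Ed25519 vendor key pinned in the client, and constructed payloads; the manifest fields, error names and scenario data are all hypothetical. The demo goes slightly beyond the abstract by also covering the replay of an older, genuinely signed manifest, since a signature alone does not stop a downgrade.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest describes one update. Its layout is an assumption for this example;
// the client trusts these fields only after the vendor signature over the exact
// manifest bytes has verified.
type Manifest struct {
	Version int    `json:"version"`
	SHA256  string `json:"sha256"` // hex digest of the update payload
}

// SignedManifest is the update reply as it travels over the network.
type SignedManifest struct {
	Manifest  []byte // JSON bytes that were signed
	Signature []byte // Ed25519 signature over Manifest
}

var (
	ErrBadSignature = errors.New("manifest signature does not verify against the pinned vendor key")
	ErrRollback     = errors.New("manifest version is not newer than the installed version")
	ErrDigest       = errors.New("payload digest does not match the signed manifest")
)

// SignManifest is the vendor's build-side step; the private key never ships with the client.
func SignManifest(priv ed25519.PrivateKey, m Manifest) (SignedManifest, error) {
	b, err := json.Marshal(m)
	if err != nil {
		return SignedManifest{}, err
	}
	return SignedManifest{Manifest: b, Signature: ed25519.Sign(priv, b)}, nil
}

// VerifyUpdate is the client-side gate that must pass before any byte of the payload
// is executed or written into application data. The signature is checked before parsing.
func VerifyUpdate(pinned ed25519.PublicKey, installed int, reply SignedManifest, payload []byte) (Manifest, error) {
	var m Manifest
	if !ed25519.Verify(pinned, reply.Manifest, reply.Signature) {
		return m, ErrBadSignature
	}
	if err := json.Unmarshal(reply.Manifest, &m); err != nil {
		return m, err
	}
	if m.Version <= installed {
		return m, ErrRollback // a replayed old manifest is still validly signed
	}
	sum := sha256.Sum256(payload)
	if hex.EncodeToString(sum[:]) != m.SHA256 {
		return m, ErrDigest // payload was swapped in transit
	}
	return m, nil
}

// DemoResult holds the verdict for each constructed scenario.
type DemoResult struct {
	Genuine, Tampered, Forged, Rollback error
}

// RunDemo exercises VerifyUpdate against a genuine reply and three manipulated ones.
// Every key and payload is generated here; none of it is real product data.
func RunDemo() DemoResult {
	var r DemoResult
	vendorPub, vendorPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // no usable entropy source; nothing sensible to do in a demo
	}
	otherPriv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed key the client does not pin
	// signedFor builds a manifest binding version to the payload's digest and signs it with priv.
	signedFor := func(priv ed25519.PrivateKey, version int, payload []byte) SignedManifest {
		sum := sha256.Sum256(payload)
		sm, err := SignManifest(priv, Manifest{Version: version, SHA256: hex.EncodeToString(sum[:])})
		if err != nil {
			panic(err) // json.Marshal of this fixed struct cannot fail
		}
		return sm
	}
	const installed = 1
	v1, v2 := []byte("constructed update payload v1"), []byte("constructed update payload v2")
	genuine, old, forged := signedFor(vendorPriv, 2, v2), signedFor(vendorPriv, 1, v1), signedFor(otherPriv, 3, v2)
	_, r.Genuine = VerifyUpdate(vendorPub, installed, genuine, v2)                        // accepted
	_, r.Tampered = VerifyUpdate(vendorPub, installed, genuine, []byte("swapped payload")) // ErrDigest: payload replaced, manifest intact
	_, r.Forged = VerifyUpdate(vendorPub, installed, forged, v2)                          // ErrBadSignature: fake reply from an untrusted key
	_, r.Rollback = VerifyUpdate(vendorPub, installed, old, v1)                           // ErrRollback: replay of an older signed manifest
	return r
}

func main() {
	fmt.Printf("%+v\n", RunDemo())
}
```

The ordering inside VerifyUpdate is deliberate: the signature is checked over the raw manifest bytes before anything is parsed, the version is compared before the payload is hashed, and the payload is never touched by the application until the digest in the signed manifest matches. Transport encryption alone does not give this property, because a hijacked session or a compromised mirror still delivers bytes the client would otherwise accept.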
Presenters:
- Itzik Kotler, Security Operation Center Team Leader, Radware
Itzik Kotler is Radware's Security Operation Center Team Leader. He manages a team of researchers that follows him into exciting adventures in the dark world of networking, where every standard and rule can be bent and vulnerabilities are lurking on every bit and byte. Radware SOC is a vulnerability research center that develops updated signatures and new techniques to defend against known and undisclosed application vulnerabilities. Prior to joining Radware, Itzik held a number of security research positions
- Tomer Bitton, Security Researcher, Radware
Tomer Bitton is a Security Researcher at Radware, Inc. He is obsessed with rootkits and malware and does exploit development and vulnerability analysis for a living. Prior to joining Radware, Tomer was a Trojan Specialist in the RSA Anti-Malware Team.