Evilgrade, "You Still Have Pending Upgrades?"

Presented at DEF CON 18 (2010), July 30, 2010, 5 p.m. (20 minutes)

Vulnerabilities are disclosed daily and in the best case new patches are released. Is no new that many application's update process have security weaknesses allowing fake updates injection. The new version of the framework will show how many updates system are still vulnerable to this trivial attack.

Presenters:

• Federico Kirschabum - CTO, Infobyte Security Research
  Federico Kirschabum is currently the CTO of Infobyte Security Research, company based in Buenos Aires, Argentina. With almost 10 years of experience researching and pentesting networks, he has developed a deep knowledge in the computer security & telecomunications field. He is one of the founders of the ekoparty security conference, one of the biggest con in Latin America which is held yearly in BA. Besides computing, Federico studied Filmmaking and worked in several productions. In his free time he loves to play competitive paintball and make asados for his friends.
• Francisco Amato - Founder, Infobyte Security Research
  Francisco Amato is a researcher and computer security consultant who works in the area of vulnerability Development, blackbox testing, reverse engineering. He runs his own company - [ISR] Infobyte Security Research www.infobytesec.com, from where he published his developments in audit tools and vulnerabilities in products from companies like Novell, IBM, Sun Microsystems, Apple, Microsoft. Founding organizer of ekoparty south america security conference www.ekoparty.org.

Links:

• https://defcon.org/html/defcon-18/dc-18-speakers.html#Amato
• https://www.youtube.com/watch?v=bKv6V09ueyA

Similar Presentations:

• DEF CON 17 (2009) / The Day of the Updates
• Still Hacking Anyway (SHA2017) / Update the updates