Security Response in the Age of Mass Customized Attacks

Presented at ToorCon San Diego 15 (2013), Oct. 19, 2013, 3 p.m. (50 minutes)

The goal of mass malware is to successfully run on as many different platforms and applications as possible. The goal of 0-day malware is to exploit a narrow set of hosts. In recent 0-day attacks against Adobe Flash Player and Adobe Reader, we have observed exploits combining the features of mass malware - obfuscation and complexity - with the quality that makes up a successful 0-day exploit: one or more heretofore unpatched vulnerabilities in an application. In this talk we will discuss Adobe's response to such attacks that use "mass-customized" malware. We will detail the features that herald these attacks as the start of a new trend of exploitation, using four recent 0-day vulnerabilities as case studies. We will reflect on the relative success of sandboxing in the context of these attacks and, in addition, we will explain how we adapted our security response strategies to meet this new trend of exploitation.

Presenters:

  • Peleus Uhley
    Peleus Uhley is the Platform Security Strategist within Adobe's Secure Software Engineering Team (ASSET). His primary focus is advancing Adobe's Secure Product Lifecycle (SPLC) and assisting with incident response within Adobe platform technologies, including Flash Player, ColdFusion and AIR. Prior to joining Adobe, Peleus started in the security industry as a developer for Anonymizer, Inc., and went on to be a security consultant for @stake and Symantec.
  • Karthik Raman
    Karthik Raman, CISSP, is a security researcher on the Adobe Secure Software Engineering Team (ASSET), where he focuses on proactive product security. Karthik holds a BS in Computer Science and Computer Security & Information Assurance from Norwich University, an MS in Computer Science from UC Irvine, and is pursuing an MBA part-time at UC Berkeley's Haas School of Business.
