Captain Hook: Pirating AVs to Bypass Exploit Mitigations

by Udi Yavo, Tomer Bitton Sept. 15, 2017 via www.blackhat.com submitted by belen_caty

In this talk we'll survey the different vulnerabilities, and deep dive into a couple of those. In particular, we'll take a close look at a vulnerability appearing in the most popular commercial hooking engine of a large vendor. This vulnerability affects the most widespread productivity applications and forced the vendor to not only fix their engine, but also that their customers fix their applications prior to releasing the patch to the public. Finally, we'll demonstrate how security tools can be used as an intrusion channel for threat actors, ironically defeating security measures.

https://www.blackhat.com/us-16/briefings.html#captain-hook-pirating-avs-to-bypass-exploit-mitigat...

Avatar
Steven Ulm 1 month ago

Even if the title is funny and catch, I really like that the article itself is well researched and very objective.

Reply