all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Defender-Pretender: When Windows Defender Updates Become a Security Risk

Add to bookmarks
Feb. 2, 2024, 6:20 p.m. | Black Hat

Black Hat www.youtube.com

...In this talk we will present our journey starting with a deep dive into Windows Defender architecture, the signature database format and the signature update process, focusing on the security verification logic. We will present how an adversary can totally own any Windows agent and server in the world by exploiting a powerful 0day vulnerability that even we didn't expect to discover. Enterprise machines are also at risk since the vulnerability affects Microsoft 365 Defender as well....

By: Omer Attias …

adversary agent architecture can database deep dive defender dive exploiting journey logic own pretender process risk security security risk server signature update updates verification windows windows defender world

Visit resource

More from www.youtube.com / Black Hat

Startup Spotlight Competition at Black Hat 2 days, 12 hours ago | www.youtube.com
bhusa blackhat cybersecurity infosec +1
Locknote: Conclusions and Key Takeaways from Day 2 3 weeks ago | www.youtube.com
black hat black hat europe board board members +15
Locknote: Conclusions and Key Takeaways from Day 1 3 weeks ago | www.youtube.com
black hat black hat europe board board members +16
Keynote: My Lessons from the Uber Case 3 weeks ago | www.youtube.com
addition best practices case convicted +16
Keynote: Industrialising Cyber Defence in an Asymmetric World 3 weeks, 1 day ago | www.youtube.com
adversaries challenge cyber cyber defence +10
The Black Hat Europe Network Operations Center (NOC) Report 3 weeks, 1 day ago | www.youtube.com
back black hat black hat europe center +14
My Invisible Adversary: Burnout 3 weeks, 5 days ago | www.youtube.com
adversary attackers attacks burnout +11
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 3 weeks, 5 days ago | www.youtube.com
analysis ask bad codeql +10
A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 3 weeks, 6 days ago | www.youtube.com
attacks call cloudflare detection +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs