Feb. 2, 2024, 6:20 p.m. | Black Hat

Black Hat www.youtube.com

...In this talk we will present our journey starting with a deep dive into Windows Defender architecture, the signature database format and the signature update process, focusing on the security verification logic. We will present how an adversary can totally own any Windows agent and server in the world by exploiting a powerful 0day vulnerability that even we didn't expect to discover. Enterprise machines are also at risk since the vulnerability affects Microsoft 365 Defender as well....

By: Omer Attias …
