Malware hidden in digitally signed executables can bypass AV protection

Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all without triggering AV solutions. Tom Nipravsky, from Tel Aviv-based Deep Instinct, presented the results of the research at Black Hat USA 2016, but didn’t release PoC code as it would be too dangerous.

Injecting malware into digitally signed executables

To perform a successful attack, Deep Instinct researchers had to create two …

Remote Butler attack: APT groups’ dream come true

Microsoft security researchers have come up with an extension of the “Evil Maid” attack that allows attackers to bypass local Windows authentication to defeat full disk encryption: “Remote Butler”. Demonstrated at Black Hat USA 2016 by researchers Tal Be’ery and Chaim Hoch, the Remote Butler attack has one crucial improvement over Evil Maid: it can be effected by attackers who do not have physical access to the target Windows computer that has, at one time, …

Apple finally announces bug bounty program

Apple is finally going to monetarily reward security researchers for spotting and responsibly disclosing bugs in the company’s products. The announcement that a bug bounty program is going to be set up by the company this September was made by Ivan Krstić, Apple’s head of security engineering and architecture, at Black Hat USA 2016. His presentation was also rather uncharacteristic for Apple, as it included the sharing of details about several of the company’s data …

Dagah: Penetration testing for enterprise mobility programs

Shevirah Inc. will unveil at Black Hat USA 2016 the free version of dagah – a product that empowers security test teams to assess the security posture of their mobility programs including the users, devices, configurations, and applications. Dagah is the creation of Georgia Weidman, one of the most trusted penetration testers working today. After years of working directly with corporations and individuals testing mobile devices for malware, Weidman developed dagah so infosec experts can …

Photo gallery: Black Hat USA 2016 Arsenal

Black Hat USA 2016 is underway in Las Vegas, and here are a few photos from the Arsenal, where the open source community demonstrates tools they develop and use in their daily professions.

Lee Brotherston shows off FingerprinTLS, a tool that leverages TLS client fingerprinting techniques to passively identify clients in real time via a network tap or offline via pcap files:

Anant Shrivastava demonstrates AndroidTamer, a free and open source virtual/live environment for Android security testing:

…

ZeroFOX sets up research team to expose social media threats

ZeroFOX announced the formalization of the industry’s first security research team dedicated to exposing social media threats, driving innovative defensive technology and codifying social media security best practices. In complement to ZeroFOX’s longstanding R&D efforts, the newly dedicated ZeroFOX Research team will apply advanced security expertise, data science and machine learning to the dynamic social media threat vector. Its charter is to identify associated cybersecurity trends, explore attacker tactics, techniques and procedures (TTPs), and help …