PRESS RELEASE: Microsoft Edge Exploits and Attacks Against Enterprise Antivirus Products to be Demoed at HITBSecConf2017 – Amsterdam

Amsterdam – April 4th, 2017: Staying true to its main aim of enabling the dissemination, discussion and sharing of deep knowledge security information, this year’s HITB Security Conference continues its focus on groundbreaking attack methods, with speakers slated to deliver details on a slew of new vulnerabilities in a variety of products.

On April 13th, Linan Hao and Long Liu from Qihoo360’s Vulcan Team will present new attacks relating to Microsoft’s Edge browser – one of the most secure web browsers currently available. In 2015 and 2016, these seasoned vulnerability hunters won Microsoft’s Mitigation Bypass Bounty and were ranked high in Microsoft Security Response Center (MSRC)’s Top 100. While exploring the attack surface of Microsoft Edge, they took a closer look at ChakraCore – the open-source component of Microsoft’s next generation Javascript Engine.

In their presentation titled “The Secret of ChakraCore: 10 Ways to Go Beyond the Edge”, they plan to disclose how they audited the ChakraCore engine and how they found over twenty exploitable vulnerabilities and ten working exploits on Windows 10 and the 64-bit Edge browser. Their presentation will also introduce an unpublished Control Flow Guard (CFG) bypass method which won Microsoft’s mitigation bypass bounty reward. To complete the presentation, they will also demonstrate how to bypass the newly added Return Flow Guard (RFG) mitigation introduced in the latest Windows release, codenamed Redstone 2 (RS2).  As a bonus, the duo will also disclose the details of several real-world 64-bit Edge exploits, including one which won them Korea’s PwnFest 2016 exploitation contest.

Antivirus (AV) software was originally something primarily deployed on desktops and workstations, however, today, AV solutions are found across a corporate network with solutions for data loss prevention, browser security, mail security, endpoint security and more. A lot of previous security research has been mainly focused on consumer AV products and very little on corporate security products. Till now.

Steven Seeley, Content Developer and Security Researcher for Offensive Security, and Roberto Suggi Liverani, an independent security researcher, will examine and showcase some previously unreleased vulnerabilities in Trend Micro. The result of combining reverse engineering, network traffic inspection, DLL hooking, web application testing, source code review and exploit development, their presentation “I Got 99 Trends and a # is All of Them” will also include a montage of on-stage demonstrations of the most interesting attacks discovered across several Trend Micro products.

Putting theory into practice, the HITB Labs features a hands-on “Introduction to Windows Logical Privilege Escalation”. In this two-hour session, conducted by famed security researcher and member of Google’s Project Zero, James Forshaw, participants will learn the techniques needed to find and exploit logical privilege escalation vulnerabilities. Mr. Forshaw will also include access to all tools and examples demonstrated during his session.

For further details on all talks lined up, see the full conference agenda of HITB2017AMS.

-END-

NOTE TO EDITORS

Visiting the Hack In The Box Conference as press can be done by sending a request for a Media Pass to media@hackinthebox.org. Specific requests for interviews with speakers can also be sent to this address.

About HITBSecConf

HITB Security Conference or HITBSecConf is a community-backed, not-for-profit series of security conferences held annually in various locations in Asia and Amsterdam, The Netherlands. The annual series has also previously been held in the Middle East and Asia with conferences in Kuala Lumpur, Bahrain and Dubai. The main aim of HITBSecConf is to enable the dissemination, discussion and sharing of deep knowledge network security information with a focus on groundbreaking attack and defense methods. HITBSecConf is endorsed by various government and professional associations.

Website: https://conference.hitb.org/hitbsecconf2017ams/

Twitter: @HITBSecConf @HITBMedia #HITB2017AMS

Facebook:  https://www.facebook.com/hackinthebox

LinkedIn:  https://www.linkedin.com/groups?gid=40911

 

PR Contact (International)

Mei Ling Foo

HITB Core Crew – Media Coordination
Email: meiling.foo@hackinthebox.org

Tel: +603-26157299 (0900 – 1800 MYT)

PR Contact (Netherlands)

Sabine Hengeveld-Auer

HITB.NL Media
Email: bine@hackinthebox.nl

Tel: +31 6 818 799 04