Jul 18, 2017

SafeBreach Experts to Demonstrate Cybersecurity Vulnerabilities in Cloud Anti-Virus, Microsoft Windows at Black Hat and DEF CON Conferences

SUNNYVALE, CA – Jul 18, 2017. SafeBreach, the leading provider of Breach and Attack Simulations, will present SafeBreach Labs research on two significant cybersecurity vulnerabilities at the 2017 Black Hat conference at Mandalay Bay and the DEF CON 25 Hacking conference at Caesar’s Palace taking place July 22-30 in Las Vegas.

At Black Hat on Thursday, July 27 from 5:00 – 6:00 p.m. PDT in South Seas CDF, SafeBreach Co-founder and CTO Itzik Kotler and Vice President of Security Research Amit Klein will present The Adventures of Anti-Virus (AV) and the Leaky Sandbox, a presentation and demo detailing a novel technique for exfiltrating data from highly secure enterprises by using a cloud-enhanced anti-virus vulnerability where the Internet-connected AV sandbox actually facilitates the exfiltration. At DEF CON, Kotler and Klein will also present AV and the Leaky Sandboxon Friday, July 28 from 4:00 – 4:45 p.m. PDT in Track 2.

On the final day of DEF CON on Sunday, July 30 at 10:20 a.m. PDT in Track 3, SafeBreach Security Researcher Dor Azuri will present a 20 minute demonstration of BITSInject, a hacking technique that exploits a flaw in Windows BITS’ object serialization model and uses it to change job properties, run programs and execute other unauthorized functions.

“One of the great things about Black Hat and DEF CON is seeing and being part of the industry’s best and brightest showing off their research and advancing the cause of information security,” Kotler said. “The team at SafeBreach Labs works hard year-round to discover, understand and mitigate novel vulnerabilities from the hacker’s point-of-view to provide our customers better insight into where the vulnerabilities are so they can be better prepared to anticipate and thwart the next attack. We’re excited to have been chosen to present two different sessions this year.”

SafeBreach is also exhibiting at Black Hat at booth #1466 where product experts, security researchers and executives will be available to discuss attack trends, techniques and tactics and the rise in organizational war gaming. Be sure to inquire about SafeBreach’s recently published Hacker’s Playbook, including the recent Ransomware Edition.

About SafeBreach

A pioneer in the Breach and Attack Simulation (BAS) market, SafeBreach is the world’s most widely used continuous security validation platform. The patented platform automatically and safely executes thousands of attack methods to validate network, endpoint, cloud, container, and email security controls against its Hacker’s Playbook™, the world’s largest collection of attack data broken down by methods, tactics and threat actors. Founded in 2014 by experienced CISOs, hackers, and security entrepreneurs, SafeBreach makes it possible for security teams to invest wisely, protect more and mitigate risk.

Media Contact:

Merritt Group for SafeBreach – [email protected]

Subscribe to
our Newsletter