Jul 07, 2020

SafeBreach Experts Showcasing Research with New Exploits at Black Hat 2020

Sunnyvale, California — July 7th, 2020. SafeBreach, provider of the leading breach-and-attack simulation (BAS) platform to validate security controls, visualize security risk and prioritize remediations, today announced its experts will present novel insights on Stuxnet printer spool vulnerability and an update on HTTP Request Smuggling with four new attack variants at the Black Hat USA 2020 virtual event from August 1 – 6. One of the premier cybersecurity events in the world, the annual Black Hat USA Conference gathers the smartest researchers and hackers to demonstrate new exploits, cover trends, and discuss cybersecurity policy issues.

Black Hat 2020 Sessions Featuring SafeBreach Lab’s Research:

SafeBreach’s VP of Security Research Amit Klein will present “HTTP Request Smuggling in 2020 – New Variants, New Defenses and New Challenges” on the AppSec and Network Security topic track on August 5th at 10am PT. The talk will demonstrate four new HTTP Request Smuggling attack variants that work against COTS, popular, present-day web servers and HTTP proxy servers, and discuss the shortcomings of existing free, open-source solutions for HTTP Request Smuggling.

SafeBreach Labs Security Researcher Peleg Hadar and Research Team Leader Tomer Bar will present “A Decade After Stuxnet’s Printer Vulnerability: Printing is Still the Stairway to Heaven” in the Cloud & Platform Security and Exploit Development topic track on August 6th at 11am PT. The talk will analyze two past Stuxnet’s vulnerabilities and how they were partially patched (even multiple times) and provide a live demo of two 0-day vulnerabilities discovered in the Windows Print Spooler, which was the third disclosed Stuxnet vulnerability and was thought to be patched.

The researchers will also present at the DEF CON (R) Conference.

About SafeBreach

A pioneer in the Breach and Attack Simulation (BAS) market, SafeBreach is the world’s most widely used continuous security validation platform. The patented platform automatically and safely executes thousands of attack methods to validate network, endpoint, cloud, container, and email security controls against its Hacker’s Playbook™, the world’s largest collection of attack data broken down by methods, tactics and threat actors. Founded in 2014 by experienced CISOs, hackers, and security entrepreneurs, SafeBreach makes it possible for security teams to invest wisely, protect more and mitigate risk.

Media Contact:

Merritt Group for SafeBreach – safebreach@merrittgrp.com

Subscribe to
our Newsletter