Webinar – Live Demo: SafeBreach Original Attacks

Researchers at SafeBreach Labs recently discovered several novel attack methods that can circumvent common security controls and execute some jaw-dropping malicious actions. These attacks—first presented at Black Hat USA and DEF CON 31—are now available within the SafeBreach platform.

Join us on September 27 at 12 pm ET/9 am PT for a live demo as the SafeBreach Labs team provides an overview of each attack and explains how attendees can leverage this research to test their own defenses with SafeBreach Original Attacks.

Defender-Pretender: When Windows Defender Updates Become a Security Risk

  • A powerful zero-day vulnerability that allows malicious actors to control the Windows update process. 
  • Allows adversaries to command Defender to ignore malware, falsely recognize benign files as malicious, and even delete critical system files to render a machine inoperable.

EDR = Erase Data Remotely, By Cooking An Unforgettable (Byte) Signature Dish

  • A new vulnerability (CVE-2023-24860) that allows adversaries to remotely delete critical files, including entire production databases, from fully patched servers. 
  • This vulnerability exists in default settings of popular endpoint security products and is fully undetectable.

One Drive, Double Agent: Clouded OneDrive
Turns Sides 

  • A fully undetectable cloud-based ransomware that encrypts files without actually executing code on endpoints.
  • Bypasses Microsoft’s Controlled Folder Access and OneDrive’s ransomware detection.

Details at a Glance

Webinar: Live Demo: SafeBreach Original Attacks
Date: September 27
Time: 9 am PT |12 pm ET
Duration: 45 min.


  • SafeBreach – Tomer Bar, VP of Security Research
  • SafeBreach – Omer Attias, Security Researcher
  • SafeBreach – Or Yair, Security Researcher 

Register Today!