Alex Wheeler and Neel Mehta: Owning Anti-Virus: Weaknesses in a Critical Security Component

AV software is becoming extremely popular because of the its percieved protection. Even the average person is aware they want AV on their computer (see AOL, Netscape, Netzero, Earthlink, and other ISP television ads). What if: Instead of protecting ppl from hackers AV software was actually making it easier for hackers? This talk will outline general binary auditing techniques using AV software as an example, and demonstrate examples of remote AV vulnerabilities discovered using those techniques. Alex Wheeler is a security researcher, who specializes in reversing engineering binaries for security vulnerabilities. His research experience was cultivated during his time with ISS X-Force, which he spent auditing critical network applications and technologies for security vulnerabilities. Alex's recent audit focus on AV products has lead to the discovery of serious systemic and point vulnerabilities in many major AV products. Neel Mehta works as an application vulnerability researcher at ISS X-Force, and like many other security researchers comes from a reverse-engineering background. His reverse engineering experience was cultivated through extensive consulting work in the copy protection field, and has more recently been focused on application security. Neel has done extensive research into binary and source-code auditing, and has applied this knowledge to find many vulnerabilities in critical and widely deployed network applications.

Отзывы


Podcastly – the best platform for podcasters and podcast lovers. More than 10 millions of audio content that available on Android/iOS/Web/Desktop and Telegram.