RiskSense Security Researchers to Reveal New Microsoft Windows Vulnerability at DEF CON 25

SUNNYVALE, Calif. and ALBUQUERQUE, N.M., July 18, 2017 /PRNewswire/ -- RiskSense®, Inc., the pioneer and market leader in pro-active cyber risk management, today announced that two of its security researchers will present findings from developing an open source hacking tool called KOADIC(TM) C3 and reveal a new remote Microsoft® Windows® vulnerability at the DEF CON 25 conference next week.

    WHO:    Sean Dillon, senior security analyst at RiskSense, is a Microsoft
            Windows kernel expert and penetration tester. He was the first
            researcher to reverse engineer the DOUBLEPULSAR SMB backdoor. Sean is
            also a co-author of the ETERNALBLUE Metasploit(R) module and has made
            other contributions to the project. He has worked as a software
            engineer in the avionics and video game hacking industries.


            Zach Harding, senior security analyst at RiskSense, previously served
            in the US Army as a combat medic. He helped improve the leaked NSA
            code to release the EXTRABACON 2.0 Cisco(R) ASA exploit package.


    WHAT:   KOADIC C3, or COM Command and Control, is a Microsoft Windows post-
            exploitation tool similar to other penetration testing rootkits such
            as Metasploit Meterpreter and PowerShell Empire. Unlike these other
            tools, KOADIC performs most of its operations using the Microsoft
            Windows Script Host (a.k.a. JScript/VBScript), which is tightly
            coupled to the core Microsoft Windows operating system. The 45-minute
            session titled "KOADIC C3 - Windows COM Command and Control
            Framework" will explore default COM objects as an attack surface in
            Microsoft Windows. It will include live demonstrations using KOADIC,
            obscure Microsoft Windows scripting techniques, interesting
            workarounds, and exploitation of basic Microsoft Windows Script Host
            functions. The speakers will also present defenses for protecting
            Microsoft Windows systems and networks against attacks that use this
            type of tool. During the presentation, a 20+ year-old remote Windows
            0-day vulnerability that has been disclosed to Microsoft will be
            revealed.


            In the four-hour workshop, "Advanced Windows Post-Exploitation /
            Malware Forward Engineering", Sean and Zach will demonstrate and
            explain key Microsoft Windows penetration testing techniques. They
            will present a deep dive on the low-level code that makes it all
            work, and explore shellcode, COM, WMI, Windows API, and .NET, using
            open source tools including PowerShell Empire, KOADIC C3, and
            Metasploit Meterpreter.  Attendees will also gain an in-depth
            understanding of anti-virus detection and evasion methods.


    WHEN:  "KOADIC C3 - Windows COM Command and Control Framework"
           Saturday, July 29, 2017 at 1:00 PM PDT, Track 2


           "Advanced Windows Post-Exploitation / Malware Forward Engineering"
           Saturday, July 29, 2017 from 2:30 PM to 6:30 PM PDT in Octavius 5


    WHERE: DEF CON 25, Caesars Palace, Las Vegas, NV


    HOW:   To schedule a conversation with Sean Dillon, contact Marc Gendron at
            marc@mgpr.net or +1 781.237.0341. For more information or to attend,
            visit:
            https://defcon.org/html/defcon-25/dc-25-speakers.html#Dillon
            and https://defcon.org/html/defcon-25/dc-25-workshops.html#%23Dillon

About RiskSense
RiskSense®, Inc., is the pioneer and market leader in pro-active cyber risk management. The company enables enterprises and governments to reveal cyber risk, quickly orchestrate remediation, and monitor the results. This is done by unifying and contextualizing internal security intelligence, external threat data, and business criticality across a growing attack surface.

The company's Software-as-a-Service (SaaS) platform transforms cyber risk management into a more pro-active, collaborative, and real-time discipline. The RiskSense Platform(TM) embodies the expertise and intimate knowledge gained from real world experience in defending critical networks from the world's most dangerous cyber adversaries.

By leveraging RiskSense cyber risk management solutions, organizations can significantly shorten time-to-remediation, increase operational efficiency, strengthen their security programs, heighten response readiness, reduce costs, and ultimately minimize cyber risks. For more information, please visit www.risksense.com or follow us on Twitter at @RiskSense.

Media Contacts
Marc Gendron
Marc Gendron Public Relations
+1 781.237.0341
marc@mgpr.net
or
media.relations@risksense.com

View original content with multimedia: http://www.prnewswire.com/news-releases/risksense-security-researchers-to-reveal-new-microsoft-windows-vulnerability-at-def-con-25-300489383.html

SOURCE RiskSense