Bypassing Application Whitelisting in Critical Infrastructures

Application whitelisting is a concept which can be used to further harden critical systems such as server systems in SCADA environments or client systems with high security requirements like administrative workstations. It works by whitelisting all installed software on a system and after that prevent the execution of not whitelisted software. This should prevent the execution of malware and therefore protect against advanced persistent threat (APT) attacks. In this talk we discuss the general security of such a concept and what holes are still open for attackers. Continue reading…


Practical Uses of Program Analysis: Automatic Exploit Generation

Practical uses of program analysis will be presented and explained. Including Instrumentation, Symbolic and Concolic Execution, both in theory, in practice, and tools for each type. Specifically, this talk will show how to automatically generate an exploit against a complex, stand­alone application. Continue reading…