Author Topic: The Adventures of AV and the Leaky Sandbox, July 25-27 2017  (Read 551 times)

Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 477
The Adventures of AV and the Leaky Sandbox By Black Hat July 25-27 2017
https://www.youtube.com/watch?v=hVIP_LF1UXU

In this presentation, we describe and demonstrate a novel technique for exfiltrating data from highly secure enterprises whose endpoints have no direct Internet connection, or whose endpoints' connection to the Internet is restricted to hosts used by their legitimately installed software. Assuming the endpoint has a cloud-enhanced antivirus product installed, we show that if the anti-virus product employs an Internet-connected sandbox in its cloud, it in fact facilitates such exfiltration.

By Itzik Kotler & Amit Klein

Full Abstract & Presentation Materials:
https://www.blackhat.com/us-17/briefings.html#the-adventures-of-av-and-the-leaky-sandbox
« Last Edit: June 21, 2018, 02:59:13 PM by BlueTesta »
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid."

Offline pio

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 556
  • I like CIS , Kali Linux , IDA Pro & Fl Studio ;)
Re: The Adventures of AV and the Leaky Sandbox, July 25-27 2017
« Reply #1 on: June 22, 2018, 12:52:09 AM »
The Adventures of AV and the Leaky Sandbox By Black Hat July 25-27 2017
https://www.youtube.com/watch?v=hVIP_LF1UXU

Good to know that Comodo reacted very quickly!  :-TU

Very, very interesting and thanks for posting this!!!  :-TU  ;)
*** Paranoid Bastard since CIS 3.5 ! Independent - NON Profit Malware Analyst ***

Offline BlueTesta

  • Star Group
  • Comodo's Hero
  • *****
  • Posts: 477
Re: The Adventures of AV and the Leaky Sandbox, July 25-27 2017
« Reply #2 on: June 22, 2018, 10:11:39 AM »
Good to know that Comodo reacted very quickly!  :-TU

Very, very interesting and thanks for posting this!!!  :-TU  ;)

 :) Thanks, if I find anything more interesting I will post it too, and PM you.
"Everybody is a genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is stupid."

Offline pio

  • Malware Research Group
  • Comodo's Hero
  • *****
  • Posts: 556
  • I like CIS , Kali Linux , IDA Pro & Fl Studio ;)
Re: The Adventures of AV and the Leaky Sandbox, July 25-27 2017
« Reply #3 on: June 23, 2018, 12:37:06 AM »
:) Thanks, if I find anything more interesting I will post it too, and PM you.

 :-TU ;)
*** Paranoid Bastard since CIS 3.5 ! Independent - NON Profit Malware Analyst ***

 
