The Adventures of AV and the Leaky Sandbox

Дата: 30.05.2018. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

In this presentation, we describe and demonstrate a novel technique for exfiltrating data from highly secure enterprises whose endpoints have no direct Internet connection, or whose endpoints’ connection to the Internet is restricted to hosts used by their legitimately installed software. Assuming the endpoint has a cloud-enhanced antivirus product installed, we show that if the anti-virus product employs an Internet-connected sandbox in its cloud, it in fact facilitates such exfiltration.

By Itzik Kotler & Amit Klein

Full Abstract & Presentation Materials: https://www.blackhat.com/us-17/briefings.html#the-adventures-of-av-and-the-leaky-sandbox

CISO CLUB

Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *