Browser Hacks, Design Flaws, & Opt-In Security[MP4] [0:35:45] [2012/09/19]There are a number of design flaws that plague browsers, and the challenge in fixing them tends to be the unwillingness to "break the Web." This puts security designers in the position of…
Everybody Be Cool This Is a ROPpery[MP4] [0:52:57] [2012/09/19]Return-oriented programming is one of the most advanced attack techniques available today. This talk presents algorithms that allow an attacker to search for and compose gadgets regardless of the…
Enhanced Mitigation Experience Toolkit 2.0[MP4] [0:44:19] [2012/09/19]In August 2010 we released the new version of EMET with brand new mitigations and a new user interface experience. Two new mitigations are included in this version: Mandatory ASLR (breaking current…
Cyber[Crime/War] Connecting the Dots[MP4] [0:46:48] [2012/09/19]In this talk we explore the uncharted waters between CyberCrime and CyberWarfare, while mapping out the key players (mostly on the state side) and how past events can be linked to the use of…
Behind the Curtain of Second Tuesdays: Challenges in Software Security Response[MP4] [0:25:23] [2012/09/19]This presentation discloses some of the challenges seen by the Microsoft Security Response Center (MSRC) in addressing modern vulnerabilities. As SDL weeded out the simple buffer overflow,…
Nine Trends Affecting the Future of Exploitation[MP4] [0:22:17] [2012/09/19]John Lambert talks about nine trends that will affect exploitation over the next decade. A number of technological, social, and environmental trends will change the world of exploitation as we've…