Boston, MA-March 16, 2009-Core Security Technologies, provider of the CORE IMPACT family of comprehensive enterprise security testing solutions, today announced that three of its CoreLabs exploit authoring and vulnerability research experts – Alfredo Ortega, Anibal Sacco and Nico Economou, have been selected to serve as speakers at the upcoming CanSecWest conference being held in Vancouver from March 16-20.
Presentations
Who: Alfredo Ortega and Nico Economou, Core Security Technologies
What: "Multiplatform iPhone, Android Shellcode and other smart phone insecurities"
Where: CanSecWest - Sheraton Wall Centre - Vancouver, B.C.
When: Wednesday, March 18, 3:00 p.m. EDT
Presentation Details
Smartphones are becoming a ubiquitous communications platform, but many potential security risks reside in the devices with few technological barriers to prevent them. This talk will highlight the device architectures and onboard protection measures offered in three major smartphone platforms: Google Android, Apple iPhone and Microsoft Windows Mobile. A multi-platform ARM shellcode and other possible attacks will also be demonstrated during the event, which will illustrate just how easily attackers could compromise your wireless device.
Alfredo Ortega and Nicolas Economou
Alfredo Ortega works at Core Security Technologies as an exploit writer, OpenBSD, FreeBSD and Linux Platform Manager. He is pursuing a PhD at ITBA, Instituto Tecnológico de Buenos Aires, and has been a speaker at several security and computer science conferences including Black Hat, Defcon and Ekoparty. His hobbies include FPGA synthesis and security research.
Nicolas Economou has worked for the last 3 years as an exploit writer at Core Security Technologies creating exploits for multiple platforms including Mac OS X, Windows, Linux and iPhone. In his free time he enjoys creating tools (including disassemblers and debuggers) to help in the reverse engineering process.
Who: Anibal Sacco and Alfredo Ortega, Core Security Technologies
What: "Persistent BIOS Infection"
Where: CanSecWest - Sheraton Wall Centre - Vancouver, B.C.
When: Thursday, March 19, 8:00 a.m. EDT
Presentation Details
When developing rootkits, one of the biggest problems is executing the malicious code, surviving reboots and remaining undetected. This talk will demonstrate how malicious code can be injected into commercial BIOS firmware. Instead of utilizing other rootkit methods which make use of the ACPI specification, Core Security has focused on a binary generic implementation independent of the installed OS to simulate how attackers can take control of a system.
Anibal Sacco
Anibal Sacco is a senior exploit writer and reverse engineer at Core Security Technologies. He has been researching vulnerabilities and developing exploits for Windows, OS X and Linux for 3 years. After focusing for some time on Microsoft Windows kernel-mode vulnerabilities, he has recently moved on to exploring Apple OS X vulnerabilities. (continued...)
|
How Do You Avoid the 5 Big Mistakes Customer Service Teams Make?