YoVDO

Blinding Endpoint Security Solutions - WMI Attack Vectors

Offered By: Ekoparty Security Conference via YouTube

Tags

Ekoparty Security Conference Courses Cybersecurity Courses Malware Analysis Courses Endpoint Security Courses Threat Hunting Courses Windows Management Instrumentation (WMI) Courses

Course Description

Overview

Explore a groundbreaking conference talk on WMI attack vectors and their impact on endpoint security solutions. Delve into new research showcasing previously unseen attacks on WMI, involving both user and kernel mode vectors. Learn about WmiCheck, a novel security tool designed to detect various OS attacks, including those covered in this presentation. Gain insights from Claudiu Teodorescu, CTO and Co-founder of Binarly, as he discusses the weaknesses in WMI architecture and potential solutions for reliable OS event collection. Understand the critical importance of these attack vectors in disabling security solutions that rely on WMI telemetry, including EDR, AV, SIEM, and malware sandbox solutions.

Syllabus

Claudiu Teodorescu - Blinding Endpoint Security Solutions: WMI attack vectors - Ekoparty 2022


Taught by

Ekoparty Security Conference

Related Courses

Case Studies in Embedded VR - Silvio Cesare - Ekoparty Security Conference - 2022
Ekoparty Security Conference via YouTube The Making of an Aerospace Village Badge - Dan Allen - Ekoparty 2021: Patagon Aerospace
Ekoparty Security Conference via YouTube IIoT, Data Infrastructure, Smart Factory - Sarka Pekarova - Ekoparty 2021: OT - IIOT - IOT Space
Ekoparty Security Conference via YouTube Gotham City- SSH from Zero to Trust - Lucas Calisi - Ekoparty Security Conference - 2021
Ekoparty Security Conference via YouTube Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space
Ekoparty Security Conference via YouTube