EDR - Erase Data Remotely, By Cooking An Unforgettable Byte Signature Dish

Explore a groundbreaking vulnerability (CVE-2023-24860) that allows unauthenticated remote deletion of critical files, including entire production databases, in this 39-minute Black Hat conference talk. Delve into how adversaries can exploit byte signature detection logic, typically considered the most reliable layer of endpoint security controls, to remotely erase data from fully patched servers over the internet. Discover a new category of vulnerability that presents a heightened level of denial-of-service risk. Presented by Tomer Bar and Shmuel Cohen, this talk challenges conventional wisdom about endpoint security and highlights the potential consequences of relying too heavily on byte signature detection.

EDR = Erase Data Remotely, By Cooking An Unforgettable (Byte) Signature Dish