Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Rootkit and cyber security presentations by Core Security

Core Security Technologies : 05 August, 2008  (Technical Article)
Experts in security testing products to give Vegas presentations at the Black Hat USA conference on cyber security and rootkits
Core Security Technologies, provider of CORE IMPACT, the most comprehensive product for proactive security testing, has announced that a pair of its most widely-respected experts will serve as featured speakers during the Black Hat USA 2008 conference, taking place August 2 to August 7 at Caesar’s Palace, Las Vegas.

The talks will include:.

“Viral Infections in Cisco IOS”
When: Wednesday, August 6, 2008; 4:45 pm. – 6:00 pm. PT.
Where: Roman Ballroom, Caesar’s Palace.
Who: Ariel Futoransky, director of CoreLabs, the research arm of Core Security Technologies.

Presentation Details:.
Rootkits are very common in most popular Operating Systems, including Windows, Linux, Unix and any variant of those platforms, but they have rarely been observed in embedded OS's. This is primarily due to the fact that most embedded OS's are closed source; hence the internals of the OS are unknown, making any attempt to reverse engineer their underlying code very difficult.

In most of today’s real-world threat scenarios it's very common that when an attacker attempts to take control of a system he or she also desires to maintain access to it, so in many cases a rootkit is installed for that purpose. The rootkit seizes control of the entire system running on the involved hardware by hiding files, processes and network connections and by allowing unauthorized users to act as system administrators.

This session will demonstrate that a rootkit with those same characteristics can indeed be easily created and deployed on a closed source OS like Cisco IOS and run unnoticed by system administrators, surviving most, if not all, reactive security measures that would typically be employed by experts in the field.

As proof of this concept, various methods for infecting an IOS target will be shown including examples of run-time patching and image binary patching. To discuss the binary patching technique from a practical point of view, a set of python scripts that provide the technique for inserting a generic rootkit implementation called DIK (Da IOS rootKit) will be introduced, which is written in plain C for IOS. Other techniques such as run-time image infection will also be discussed in detail.

“Commission on Cyber Security for the 44th Presidency, Panel Discussion”
When: Wednesday, August 6, 2008; 6:00 pm. – 7:15 pm. PT
Where: Palace 3, Caesar’s Palace
Who: Tom Kellermann, vice president of security awareness at Core Security Technologies

Presentation Details:
The Center for Strategic and International Studies (CSIS) has established a Commission on Cyber Security for the 44th Presidency – the administration that will take office in January 2009. The goal of this nonpartisan commission is to develop recommendations for a comprehensive strategy to improve cyber security in federal systems and in critical infrastructure. Hear what is going on with the Cyber Security Commission, ask questions and provide input on what you think should be addressed at a Presidential level for the next administration.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo