Modern Exploitation - by RSA2018 Conference - [Presentation]

in #cybersecurity7 years ago

Folks at the RSA Conference have been posting a lot of videos on their youtube channel over the past couple of days.

One of them that caught my attention was the one I'm suggesting here. It's about modern exploitation. Probably the most interesting parts of this presentation are the beginning - first 10 minutes, and the last minutes.

In the beginning of the presentation they talk about the market for exploits.

So, if as a security researchers you'd be getting paid a couple of hundreds of dollars for finding bugs in web code, the reward goes up dramatically for remote code execution (not tied to web applications) and even more dramatically for kernel exploits: hundreds of thousands, and even millions of $, if you're taking them directly to the vendor (Microsoft, in this case, as you might have guessed).

The potential avenue for work in developing such exploits, at this moment in time, would be Windows 7 and Windows 10, which have a combined market share of more than 70% of computer devices out there.

The last part of the presentation is actually a demonstration - a remote exploitation. I'm not gonna say more to spoil it. Enjoy!


To stay in touch with me, follow @cristi


Cristi Vlad Self-Experimenter and Author