lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <449564E4.5060601@singnet.com.sg>
Date: Sun, 18 Jun 2006 22:36:20 +0800
From: thomas48 <thomas48@...gnet.com.sg>
To: security-basics@...urityfocus.com, firewalls@...urityfocus.com,
	full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com,
	focus-ids@...urityfocus.com, newslist@...urity-briefings.com,
	forensics@...urityfocus.com, vuln-dev@...urityfocus.com,
	webappsec@...urityfocus.com
Cc: "organiser@...can.org" <organiser@...can.org>
Subject: SyScan'06 Highlight - Attacking Microsoft New
	Operating System (Vista)


This is a brand new presentation and its going public for the very first 
time in SyScan'06.

Joanna Rutkowska, a senior researcher of COSEINC Research, will present 
her latest technique in bypassing and attacking the latest Mircosoft 
Vista operating system kernel.

The presentation will first present how to generically (i.e. not 
relaying on any implementation bug) insert arbitrary code into the 
latest Vista Beta 2 kernel (x64 edition), thus effectively bypassing the 
(in)famous Vista policy for allowing only digitally singed code to be 
loaded into kernel. The presented attack does not requite system reboot.

Next, creation of Stealth by Design malware for Vista x64 will be 
briefly discussed. This will be the base for introducing the new 
approach (codenamed 'blue pill') for writing undetectable malware on the 
latest AMD64 processors. The ultimate goal is to demonstrate that is 
possible (or soon will be) to create an undetectable malware which is 
not based on a concept, but, similarly to modern cryptography, on the 
strength of the 'algorithm'.

A working blue pill will be demonstrated.

Please visit www.syscan.org for more.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ