Join #TeamTrellix at Black Hat USA 2022
By Trellix · August 8, 2022
This year marks the 25th anniversary of Black Hat USA, and we are thrilled to be attending! As a proud sponsor and leader of XDR, Trellix will be taking the desert by storm for the first time in company history, making this event one to never forget!
On behalf of the Trellix team, we invite you to the Trellix Networking Lounge, where our world-renowned experts will share their insight on our soulful work and how we are redefining the future of cybersecurity.
See you there!
Trellix Black Hat Speaking Sessions
Living Security Powered by Trellix XDR
Sean Morton, VP, Strategy
Wednesday, August 10 | 8 – 8:15 a.m.: On-demand: Get an exclusive peek at our Trellix XDR platform in action. Watch an executive-led demo of how Trellix XDR gives you the upper hand over threats by bringing detection, prevention, response, and remediation together in a living security ecosystem.
Perimeter Breached! Hacking an Access Control System
Steve Povolny, Principal Engineer, & Sam Quinn, Senior Security Researcher
Thursday, August 11 | 10:20 – 11 a.m.: The first critical component to any attack is an entry point. As we lock down our firewalls and sophisticated routers, it can be easy to overlook the network-connected physical access control systems. Trellix uncovered 8 zero-day vulnerabilities leading to remote, unauthenticated code execution on the LNL-4420 access control panel. When combined, these findings lead to full system control including the ability for an attacker to remotely manipulate door locks. To emulate a true nation-state level threat, our team began our research without access to the system firmware. During this presentation, Steve & Sam will deep dive into our hardware hacking process including the challenges faced such as bypassing the bootloader, hardware-based watchdog timers, and authentication.
DotDumper: automatically unpacking DotNet based malware
Max Kersten, Malware Analyst
Thursday, August 11 | 1 – 2:30 p.m.: Analysts at corporations of any size face an ever-increasing amount of DotNet-based malware. The malware comes in all shapes and forms, ranging from skiddish stealers all the way to nation-state-backed targeted malware. The underground market, along with public open-source tools, provides a plethora of ways to obfuscate and pack the malware. Unpacking malware is time-consuming, difficult, and tedious, which poses a problem. To counter this, DotDumper automatically dumps interesting artifacts during the malware's execution, ranging from base64 decoded values to decrypted PE files. During this Arsenal session, Max will take attendees through the DotDumper tool and its use.
eBPF ELFs JMPing Through the Windows
Richard Johnson, Senior Principal Security Researcher
Thursday, August 11 | 1:30 – 2:10 p.m.: eBPF is an emerging technology used as a telemetry source across cloud-based technologies. While it currently runs on the Linux kernel, last year Microsoft released a completely new implementation of an eBPF tracing system for Windows, which is destined to become a primary telemetry provider in the near future. eBPF for Windows has a complex architecture that leverages program analysis to verify unsigned user code via abstract interpretation before running it in a kernel context — integrity of the software is paramount. This research will be the first public work to analyze and discover security vulnerabilities in the new eBPF for Windows implementation. Our presentation will discuss the capabilities and security model of eBPF for Windows, followed by details of the design and attack surface.