Learn AI, Data Science & Business — Earn Certificates That Get You Hired
The Most Addictive Python and SQL Courses
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Watch this 47-minute DEF CON conference talk exploring sophisticated cyberattack methodologies and security vulnerabilities in Windows systems. Dive deep into attack deployment techniques targeting simulated read-only filesystems and NTFS vulnerabilities, examining how threat actors have adapted since the 2011 Windows security architecture updates including Driver Signature Enforcement (DSE) and Hypervisor-protected Code Integrity (HVCI). Learn about a novel exploitation method leveraging weaknesses in emulated filesystems for covert malware installation, newly discovered NTFS vulnerabilities enabling attacker persistence, and alternative approaches to usermode malware delivery and execution. Gain valuable insights into relevant Indicators of Compromise (IOCs) for detecting and identifying these attack patterns.
Syllabus
DEF CON 32 - DriverJack Turning NTFS and Emulated ROFs into an Infection - Alessandro Magnosi
Taught by
DEFCONConference