Live:
Guess who's back! After a rather long pause, Security Espresso's Meetups are back, in an online format! We're sure that you miss the gatherings and the beers, but rest assured it's all going to happen anyway!
Our first virtual meetup will happen online and will be streamed to YouTube. Make sure to join our Telegram group if you didn't already so you can ask any questions you might have for the speakers: https://t.me/secespresso
Without further ado, here are the speakers for Security Espresso Meet-up 0x23:
19:00 → 19:45
☠️ Principles of heap-based exploits on Windows 7 & 10 x32
📣 Stefan Nicula - Senior Threat Researcher @ Avira Protection Labs, Twitter: @stefan_nicula
A successful userland heap memory corruption exploit on Windows requires a good grasp on the mechanisms behind the Heap Manager. The talk aims to tackle Windows Heap Manager internals such as Backend vs Frontend Allocators, VirtualAlloc, heap memory layout, Windows 10 vs Windows 7 Heap Manager differences and Windows Heap Integrity protection. We will also explore heap exploit principles for Use-after-free and Double Free exploits like primitives, allocators, precise heap spraying, stack pivot and ROP chaining.
In a future part 2 of the presentation, we will dive into more advanced techniques related to memory information leak, type confusion, abusing vtable pointers and Windows ATP protection bypasses.
19:45 → 20:00
⏸ Break
20:00 → 20:45
🕶 Opsec guide for the security enthusiast
📣 Dan Demeter - Security Researcher @ GReAT, Twitter: @_xdanx
📣 Marco Preuss - Director @ GReAT, Europe, Twitter: @marco_preuss
As more and more metadata is passively collected at a large scale, one might question the boundaries set by governments in regards to privacy and personal life. We believe privacy is a fundamental human right and, by using the right tools, it can still be achieved.
During this beginner’s opsec guide we will present techniques and tools to protect your digital communications, as well as your equipment.
Some covered topics:
- Corporate communication crisis management
- Encryption and secure communication
- Physical device security
- Network activity monitoring
- Travelling to foreign countries
20:45 → ∞
🍻 Virtual beer on Discord! Attendance policy: BYOD (bring your own drink).
🔗 Join us: https://discord.gg/7kCdJp8