25C3 - 1.4.2.3
25th Chaos Communication Congress
Nothing to hide
Speakers | |
---|---|
Bruce Dang | |

Schedule | |
---|---|
Day | Day 3 (2008-12-29) |
Room | Saal 1 |
Start time | 20:30 |
Duration | 01:00 |

Info | |
---|---|
ID | 2938 |
Event type | lecture |
Track | Hacking |
Language of the event | en |
Methods for Understanding Targeted Attacks with Office Documents
As more security features and anti-exploitation mechanisms are added to modern operating systems, attackers are changing their targets to higher-level applications. In the last few years, we have seen an increasing number of targeted attacks using malicious Office documents against both government and non-government entities. These attacks are well publicized in the media; unfortunately, there is not much public information on attack details or exploitation mechanisms employed in the attacks themselves. This presentation aims to fill the gap by offering:
- A brief overview of the Office file format,
- In-depth technical details and practical analytical techniques for triaging and understanding these attacks,
- Defensive mechanisms to reduce the effectiveness of the attacks,
- Forensic evidence that can help trace the attacks,
- Static detection mechanisms for these vulnerabilities (i.e., how to write virus signatures for these vulns),
- Information and techniques to help detect these attacks on the wire.