25C3 - 1.4.2.3
25th Chaos Communication Congress
Nothing to hide
| Speakers | |
|---|---|
|
Bruce Dang |
| Schedule | |
|---|---|
| Day | Day 3 (2008-12-29) |
| Room | Saal 1 |
| Start time | 20:30 |
| Duration | 01:00 |
| Info | |
| ID | 2938 |
| Event type | lecture |
| Track | Hacking |
| Language used for presentation | en |
| Feedback | |
|---|---|
|
Did you attend this event? Give Feedback |
Methods for Understanding Targeted Attacks with Office Documents
As more security features and anti-exploitation mechanisms are added to modern operating systems, attackers are changing their targets to higher-level applications. In the last few years, we have seen increasing targeted attacks using malicious Office documents against both government and non-government entities. These attacks are well publicized in the media; unfortunately, there is not much public information on attack details or exploitation mechanisms employed in the attacks themselves. This presentation aims to fill the gap by offering:
- A brief overview of the Office file format,
- In-depth technical details and practical analytical techniques for triaging and understanding these attacks,
- Defensive mechanisms to reduce the effectiveness of the attacks,
- Forensics evidence that can help trace the attacks,
- Static detection mechanism for these vulnerabilities (i. e., how to write virus signatures for these vulns),
- Information and techniques to help detect these attacks on the wire.