Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Monday, February 13 • 2:50pm - 3:20pm
AtomBombing: Injecting Code Using Windows’ Atoms

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.

In this talk we present a code injection technique, dubbed AtomBombing, which exploits Windows atom tables and Async Procedure Calls (APC). At the time of its release (October 2016), AtomBombing went undetected by common security solutions that focused on preventing infiltration.

AtomBombing affects all Windows versions. In particular, we tested it against Windows 10 and Windows 7. 

Unfortunately, this issue cannot be patched by Microsoft since it doesn’t rely on broken or flawed code – rather on how these operating system mechanisms are designed.


Speakers
TL

Tal Liberman

"Tal has a strong interest in cyber-security, mainly focusing around OS-internals, reverse-engineering and low-level development. As a cyber security research team lead at enSilo, Tal’s team is responsible for integrating OS research and malware analyses findings into enSilo’s core platform. In particular, Tal is keen on “documenting the undocumented” in the Windows OS including CFG and other mitigation technologies, Windows service... Read More →
avatar for Udi Yavo

Udi Yavo

CTO, enSilo
Udi Yavo has more than 15 years of experience in security with a proven track record in leading cutting edge cyber-security R&D projects. Prior to enSilo, Udi spearheaded the direction of the cyber-security unit at the National Electronic Warfare Research & Simulation Center of Rafael Advanced Defense System and served as its CTO. Additionally, he developed and led Rafael’s cyber training programs. Udi’s achievements at Rafael have been... Read More →


Monday February 13, 2017 2:50pm - 3:20pm
DNA Lounge