HONG KONG SAR - Media OutReach - 28 June 2021 - Black Hat USA 2021 kicks off on July 31st, bringing together the world's most cutting-edge security researchers for a week of security demonstrations and information sharing. Competition to present is fierce, with only the most unique research highlighted. Sangfor Security Team is proud to be presenting two studies to the world's top security experts and researchers.
Black Hat USA is the largest and most authoritative source for security trends. Two Sangfor studies were selected from thousands submitted for presentation: " Diving Into Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer" and "Exploiting Windows COM/WinRT Services" with Sangfor researchers Zhiniang Peng, Xuefeng Li and Lewis Lee presenting. These presentations showcase previously unknown or zero-day privilege escalation (LPE) and remote execution (RCE) vulnerabilities. Hackers exploit LPE and RCE vulnerabilities to gain administrative access for stealing data, installing ransomware, or to attack other systems. Zero-day vulnerabilities greatly increases risk from LPE and RCE vulnerabilities because you cannot protect against what you do not know.
Multiple 0-Day Vulnerabilities Found in Spooler
Ten years ago, the Stuxnet worm used a Windows Printer Spooler privilege upgrade vulnerability to destroy Iran's nuclear enrichment centrifuges, and infect more than 45,000 networks, crippling Iran's nuclear facilities. Sangfor researchers discovered multiple, new 0-day vulnerabilities within Spooler, all detailed in their upcoming presentation at the Black Hat conference.
Sangfor Discovers Hundreds of Windows COM/WinRT Vulnerabilities
Windows COM/WinRT components are a basic part of Windows 10 Universal Windows Platform (UWP) applications, widely used for cross-process communication. Security vulnerabilities in these components means Windows systems would be exposed to many different types of attack. Sangfor researchers discovered more than 100 vulnerabilities in Windows COM/WinRT services.
Sangfor BlueOps Team
Experienced security teams are the most coveted in cyber security now, keeping up with the constant flow of new cyber threat and ensuring enterprises have the tools they need to respond effectively. Sangfor BlueOps, Sangfor's highly skilled defensive security test or blue team, works to improve attack detection and defence of Sangfor's security solutions. They hunt threats daily to identify dangers from hacking groups and their software then develop effective response methods against them.