SafeBreach researchers will be presenting two sessions at Black Hat 2020:
– New Microsoft Windows vulnerability on Print Spooler – one of three Stuxnet vulnerabilities
– Four new attack variants of HTTP Request Smuggling
SafeBreach, provider of the leading breach-and-attack simulation (BAS) platform to validate security controls, visualize security risk and prioritize remediations, today announced its experts will present novel insights on Stuxnet printer spool vulnerability and an update on HTTP Request Smuggling with four new attack variants at the Black Hat USA 2020 virtual event from August 1 – 6. One of the premier cybersecurity events in the world, the annual Black Hat USA Conference gathers the smartest researchers and hackers to demonstrate new exploits, cover trends, and discuss cybersecurity policy issues.
Black Hat 2020 Sessions Featuring SafeBreach Lab’s Research:
SafeBreach’s VP of Security Research Amit Klein will present “HTTP Request Smuggling in 2020 – New Variants, New Defenses, and New Challenges” on the AppSec and Network Security topic track on August 5th at 10 am PT. The talk will demonstrate four new HTTP Request Smuggling attack variants that work against COTS, popular, present-day web servers and HTTP proxy servers, and discuss the shortcomings of existing free, open-source solutions for HTTP Request Smuggling.
SafeBreach Labs Security Researcher Peleg Hadar and Research Team Leader Tomer Bar will present “A Decade After Stuxnet’s Printer Vulnerability: Printing is Still the Stairway to Heaven” in the Cloud & Platform Security and Exploit Development topic track on August 6th at 11 am PT. The talk will analyze two past Stuxnet’s vulnerabilities and how they were partially patched (even multiple times) and provide a live demo of two 0-day vulnerabilities discovered in the Windows Print Spooler, which was the third disclosed Stuxnet vulnerability and was thought to be patched.