Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Modern Stuxnet-Style Attacks Using Filesystem Vulnerabilities and NTFS Exploits

x33fcon via YouTube

Overview

Explore a 44-minute conference talk from x33fcon examining how a modern-day Stuxnet-like attack could be implemented using contemporary cyber tactics. Learn about the exploitation of emulated read-only filesystem vulnerabilities and NTFS glitches, starting with an analysis of Stuxnet's original operational mechanisms. Understand how the Windows ecosystem's evolution has impacted attack strategies, including Bring-Your-Own-Vulnerable-Driver (BYOVD) techniques and security measures like Device Guard Signature Enforcement (DSE) and Hypervisor-protected Code Integrity (HVCI). Discover innovative attack methods targeting weaknesses in emulated read-only file systems and previously undisclosed NTFS glitches that enable stealthy deployment of malicious drivers while maintaining system persistence. Master the creation of new indicators of compromise (IOCs) specifically designed to detect these modern attack variations, gaining valuable insights into filesystem vulnerabilities and their implications for cybersecurity defense strategies.

Syllabus

14. Alessandro Magnosi: Leveraging Emulated Read-Only Filesystems and NTFS Glitches for Inf. & Pers.

Taught by

x33fcon

Reviews

Start your review of Modern Stuxnet-Style Attacks Using Filesystem Vulnerabilities and NTFS Exploits

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.