Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Detecting Persistent Threats on Draytek Devices - Security Assessment and Mitigation Tools

DEFCONConference via YouTube

Overview

Learn about critical security vulnerabilities in Draytek devices through this DEF CON 32 conference presentation. Explore how advanced attackers target edge devices like VPNs and firewalls, with a specific focus on Draytek equipment that has over 500,000 routers exposed to the Internet. Discover the process of reverse-engineering Draytek's firmware format and the development of extraction tools, revealing how its RTOS kernel can load potentially malicious code modules that persist through firmware upgrades. Gain insights into crafting and uploading malicious modules using newly discovered vulnerabilities, and understand the challenges end-users face in detecting these compromises. Learn about a defensive solution involving a custom-developed module for assessing the integrity of loaded memory modules, and access community tools for improving observability, hardening, and vulnerability research on Draytek edge devices.

Syllabus

DEF CON 32 - Detecting persistent threats on Draytek devices - Octavio Gianatiempo, Gastón Aznarez

Taught by

DEFCONConference

Reviews

Start your review of Detecting Persistent Threats on Draytek Devices - Security Assessment and Mitigation Tools

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.