Captain Unhook: How to Bypass Everything… Literally

Stuart McClure, CEO of Cylance, Inc., walks through a series of live demos:

1) Unhooking "Captain Unhook"
2) Boyson: Network Device Ransomware
3) BIOS Ransomware

McClure dives into the anatomy of a hack—from the modules being loaded into the process all the way down to comparing the clean and current versions. In user-land, malicious processes have the same access to hooks as the security products installed to protect the system.

McClure also goes through PoisonTap, where, even though the box is locked, a hacker can plug in and exploit the system. Using the refresh feature powered by JavaScript, a Raspberry Pi Zero can be hacked where the Raspberry Pi becomes a network gateway and ransomware can be deployed.

McClure also touches on why BIOS hacks are a common go-to for hackers: updates are so infrequent that systems can be infected for years with little reprieve.

Speaker

Stuart McClure, CEO, Cylance

This document was retrieved from http://www.rsaconference.com/videos/captain-unhook-how-to-bypass-everything-literally on Mon, 24 Jul 2017 20:51:20 -0400.
© 2017 EMC Corporation. All rights reserved.