Wednesday, April 27, 20162 years agoSingapore, Singapore
MWR is pleased to announce that Benjamin Harris will be presenting at Null Singapore on the vulnerabilities found in Trend Micro.
Null meets are free for anyone to attend. Just come with an open mind and a willingness to share and learn.
Talk presented by MWR
Room: KPMG Clubhouse
Topic: Trend Micro - All Seeing Eye
Speakers: Benjamin Harris
Description: As we move into an increasingly security-conscious world, organizations are purchasing solutions and tools to simplify and automate parts of their day to day activities, in the form of security software. This software comes in many guises, such as anti-virus, endpoint security, SIEMs and firewalls. This software is regularly assumed to be robust and secure, given its purpose, and is thus overlooked when implementing in an enterprise environment from a security review perspective.
During a recent red team engagement with a global client, it was observed that a host intrusion detection solution had been deployed across the entire estate to monitor for signs of compromise. The assessment team theorized that a vulnerability in this software could allow an attacker to compromise the entire network rapidly, or gain access to a significant amount of sensitive information which could be manipulated to hide signs of a compromise within a centralized management interface. Following this thought process, an industry recognized piece of software was chosen to be the subject of a piece of research and work was begun on the 6 hour flight back to Singapore. By the end of this flight, remote command execution as NT AUTHORITY/SYSTEM had been obtained in the management interface, allowing the focus to move to the endpoint client.
In this talk we will discuss the vulnerabilities identified in the management interface alone, and how they were identified. We will discuss what should be done when choosing a security solution, and what considerations should be made to ensure that you are not significantly increasing the risk to your organization.