POSTED BY: CENSUS / 08.02.2018

OffensiveCon 2018

CENSUS is proud to announce its participation in OffensiveCon 2018 as a Silver Sponsor.

The conference will take place on February 12-17, 2018 in Berlin, Germany and is a highly technical international security conference focused on offensive security only. The aim of OffensiveCon is to bring the community of hackers together for high quality and deep technical talks, engaging and renowned technical trainings.

CENSUS experts will be hosting a booth where topics focused -but not limited to- offensive security can be further discussed and analysed. Moreover, Nikos Sampanis, CENSUS computer security researcher will present the absolute latest Windows GDI manager architecture, and related mitigations for stopping data-only exploitation attempts. He will explain how to overcome such mitigations, in real world scenarios, such as in the context of a heap memory corruption exploit for Windows 10 RS2/RS3. The presentation will conclude with a detailed methodology on how to look for new Win32k data-only exploitation primitives, while keeping in mind that the new Win32k filtering mitigation also needs to be bypassed.

Nikos Sampanis' presentation “Windows 10 RS2/RS3 GDI Data-Only Exploitation Tales” is scheduled for Friday, 16th of February 2018 at 18:00.

For registration, please visit https://www.offensivecon.org/register.html

Update: presentation material is now available here.