BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Outlook Unleashing RCE Chaos: CVE-2024-30103 & CVE-2 024-38021\n When: Friday\, Aug 9\, 16:00 - 16:45 PDT\n Where: LVCC Wes t/Floor 1/Hall 1/Track 4 - [1]Map\n\n Description:\n\n Did you ever re ceive an empty email and immediately think it might be\n a reconnaissanc e attack? What if opening such an email in your Outlook\n client could t rigger remote code execution through an invisible form?\n Yes\, all form s are COM objects\, and CVE-2024-21378 has flung open the\n gates to Out look RCE chaos.\n\n In our session\, "Outlook Unleashing RCE Chaos: CVE- 2024-30103" we'll\n dive into how this seemingly innocuous vulnerability can lead to\n mayhem. This vulnerability paved the way for us to discov er a series\n of new remote code execution vulnerabilities in Outlook\, including\n CVE-2024-30103. But we’re not stopping there.\n\n Additi onally\, we'll uncover other vulnerabilities that can cause NTLM\n leaks from your domain-joined devices.\n\n So\, how did we get here? Join us as we construct an evolution timeline\n of this attack surface. From the origins of these exploits to their\n current incarnations\, we'll cover it all. And because we believe in\n building a safer digital world\, we 'll conclude with specific\,\n actionable recommendations on how to mini mize these threats.\n\n 1. [2]link\n\n 2. [3]link\n\n 3. [4]li nk\n\n 4. [5]link\n\n 5. [6]link\n\n 6. [7]link\n\n Speakers :Michael Gorelik \,Arnold Osipov\n\n SpeakerBio: Michael Gorelik \, Fou nder at Morphisec\n\n Michael has amassed over twenty years of experienc e in the\n cybersecurity industry\, with a decade at Morphisec where he pioneered\n Moving Target Defense within Endpoint Security. Prior to fou nding\n Morphisec\, he collaborated on numerous security projects with D eutsche\n Telekom and Ben-Gurion University laboratories. His expertise spans\n roles as a reverser\, malware researcher\, penetration tester\, and\n vulnerability researcher. Michael holds more than seven patents an d a\n Master of Science degree in Computer Science from Ben-Gurion\n U niversity\, Israel. He has worked with the FBI on several significant\n cybersecurity cases and identified critical privilege escalation\n explo its in various endpoint security vendors. Michael is a seasoned\n speake r at industry conferences and led his team to uncover one of the\n large st supply chain attacks\, the CCleaner incident.\n\n SpeakerBio: Arnold Osipov\, Distinguished Malware Researcher at\n Morphisec\n\n Arnold i s a distinguished malware researcher at Morphisec\, renowned\n for disco vering new categories of malware\, including the Jupyter and\n Chaos inf o stealers among others. His groundbreaking work has\n significantly adv anced understanding and mitigation of emerging\n malware threats. Arnold has presented his findings at various BSides\n events throughout Europe \, establishing himself as a knowledgeable and\n engaging speaker. His r esearch continues to push the boundaries of\n cybersecurity\, enhancing both Morphisec’s capabilities and the\n broader security landscape.\n\ n '\n\n 1. #LVCCW_Level1_Hall1\n 2. https://www.netspi.com/blog/tech nical-blog/red-team-operations/microsoft-outlook-remote-code-execution-cve -2024-21378/\n 3. https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23 397-microsoft-outlook-elevation-of-privilege-vulnerability/\n 4. https:/ /www.akamai.com/blog/security-research/important-outlook-vulnerability-byp ass-windows-api\n 5. https://www.varonis.com/blog/outlook-vulnerability- new-ways-to-leak-ntlm-hashes\n 6. https://research.checkpoint.com/2024/t he-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/\ n 7. https://sensepost.com/blog/2017/outlook-forms-and-shells/\n\n\n DTEND:20240809T234500Z DTSTART:20240809T230000Z LOCATION:DC - LVCC West/Floor 1/Hall 1/Track 4 SUMMARY:Outlook Unleashing RCE Chaos: CVE-2024-30103 & CVE-2024-38021 END:VEVENT END:VCALENDAR