BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Detouring Danger: Hunting Privileged File Operation\
 n   Vulnerabilities in OT/ICS software\n   When: Friday\, Aug 9\, 14:00 - 
 14:55 PDT\n   Where: LVCC West/Floor 1/Hall 3/HW3-06-05 - [1]Map\n\n   Des
 cription:\n\n   The Microsoft Detours library was leveraged to instrument 
 the entire\n   process environment of an engineering workstation in an ope
 rational\n   technology/industrial control system (OT/ICS) setting. This a
 pproach\n   allowed for the comprehensive monitoring and analysis of privi
 leged\n   file operations within these systems. Through this method\, mult
 iple\n   vulnerabilities in SCADA software were identified and exploited\,
 \n   demonstrating the effective use of Detours for security research in\n
    critical infrastructure contexts. This presentation will discuss how\n 
   the custom dynamic-link library (DLL) developed with Detours enabled\n  
  the systematic examination of file operations\, leading to the\n   discov
 ery of security flaws that were then exploited. The talk will\n   showcase
  these exploitations\, providing insight into the types of\n   vulnerabili
 ties that were uncovered and the potential implications for\n   system sec
 urity. The focus will be on demonstrating the importance of\n   having an 
 effective vulnerability hunting strategy in critical\n   environments and 
 showing real exploitation scenarios of the\n   vulnerabilities found throu
 gh this method.\n\n   SpeakerBio:  Asher Davila\, IoT/OT Security Research
 er at Palo Alto\n   Networks\n\n   Asher Davila (@asher_davila) is an IoT/
 OT Security Researcher at Palo\n   Alto Networks\, leveraging his expertis
 e in the intersection of\n   software and hardware across IoT to IIoT\, IC
 S\, and critical\n   infrastructure security. His work includes discoverin
 g and disclosing\n   vulnerabilities and malware affecting these systems\,
  alongside\n   developing tools for reverse engineering and exploitation e
 fforts.\n   Asher has also presented his findings at multiple cybersecurit
 y\n   conferences and academic events.\n\n   '\n\n   1. #LVCCW_Level1_Hall
 3\n\n\n
DTEND:20240809T215500Z
DTSTART:20240809T210000Z
LOCATION:ICSV - LVCC West/Floor 1/Hall 3/HW3-06-05
SUMMARY:Detouring Danger: Hunting Privileged File Operation Vulnerabilities
  in OT/ICS software
END:VEVENT
END:VCALENDAR