BadTunnel: How Do I Get Big Brother Power?

Black Hat USA 2016

Presented by: Yang Yu
Date: Thursday August 04, 2016
Time: 09:00 - 09:25
Location: Mandalay Bay EF

This presentation will introduce a new threat model. Based on this threat model, we found a flaw in the Windows system. It affects all Windows released in the last two decades, including Windows 10. It also has a very wide range of attacks surface. The attack can be performed on all versions of Internet Explorer, Edge, Microsoft Office, many third-party software, USB flash drives, and even Web server. When this flaw is triggered, YOU ARE BEING WATCHED.

We will also show you how to defend against this threat, particularly on those systems are no longer supported by Microsoft.

Yang Yu

Yang Yu is Director of Xuanwu Lab of Tencent. He has more than a decade ofexperience researching and working in the computer security space. He hasspoken at many security conferences in the past, on different topics atBlackhat, CanSecWest, HITCon, XCon, and etc. He is also a $100,000 MicrosoftMitigation Bypass bounty winner.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats