May-24-25-2010 ERPScan at CONFidence 2010

Krakow, Poland – May 24-25, 2010 ERPScan experts took part in CONFidence 2010, the 7th international IT-Security conference took place on 24-25 May in Krakow, Poland. Among more than 400 participants the lead auditor of ERPScan, Alexey Sintsov, gave a talk on the latest trends in DEP and ASLR bypass having demonstrated the exploits and techniques of Return-Oriented Programming (ROP), and JIT-SPRAY method.

About CONFidence 2010

The conference brought together security experts from all over the world to share their experiences. The conference was attended by such eminent researchers as Dan Kaminsky, Vincenzo Iozzo, Daniel Mende and others. There were many interesting reports presented, for example, the report dedicated to the Windows x64 exploitation by Sebastian Fernandez, Immunity; very vivid and spectacular talk given by Moti Joseph who demonstrated private 0-day exploit on the encrypted WinNY Japanese P2P Program, and Cristofaro Mune’s presentation about remote private exploits for several Wi-Fi access points where these exploits can be used from the Internet. Also, there were many entertaining tournaments arranged at the conference, such as CrackMe, which Mateusz Jurczyk and Gynvael Coldwind won. Those experts closed the conference with the report on the vulnerabilities found in Windows OS core that bring about the escalation of system privileges.