Two Sangfor Studies Selected for Presentation at Black Hat USA 2021

HONG
KONG SAR – Media
OutReach – 28 June 2021 – Black Hat USA
2021 kicks off on July 31^st, bringing together the world’s most
cutting-edge security researchers for a week of security demonstrations and
information sharing. Competition to present is fierce, with only the most
unique research highlighted. Sangfor Security Team is proud to be presenting two
studies to the world’s top security experts and researchers.

Black Hat USA is
the largest and most authoritative source for security trends. Two Sangfor studies were selected from thousands submitted for presentation: “ Diving
Into Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer” and “Exploiting
Windows COM/WinRT Services” with Sangfor researchers Zhiniang Peng, Xuefeng Li and Lewis Lee presenting.  These presentations
showcase previously unknown or zero-day privilege escalation (LPE) and remote
execution (RCE) vulnerabilities. Hackers exploit LPE and RCE vulnerabilities to
gain administrative access for stealing data, installing ransomware, or to
attack other systems.  Zero-day
vulnerabilities greatly increases risk from LPE and RCE vulnerabilities because
you cannot protect against what you do not know.

Multiple 0-Day
Vulnerabilities Found in Spooler

Ten years ago, the Stuxnet worm used a Windows Printer Spooler privilege
upgrade vulnerability to destroy Iran’s nuclear enrichment centrifuges, and
infect more than 45,000 networks, crippling Iran’s nuclear facilities.  Sangfor researchers discovered multiple, new 0-day
vulnerabilities within Spooler, all detailed in their upcoming presentation at
the Black Hat conference.

Sangfor Discovers Hundreds of
Windows COM/WinRT Vulnerabilities

Windows
COM/WinRT components are a basic part of Windows 10 Universal Windows Platform
(UWP) applications, widely used for cross-process communication. Security
vulnerabilities in these components means Windows systems would be exposed to many
different types of attack. Sangfor researchers discovered more than 100
vulnerabilities in Windows COM/WinRT services.

Sangfor
BlueOps Team

Experienced security teams
are the most coveted in cyber security now, keeping up with the constant flow
of new cyber threat and ensuring enterprises have the tools they need to
respond effectively. Sangfor BlueOps, Sangfor’s highly skilled defensive security
test or blue team, works to improve attack detection and defence of Sangfor’s security
solutions. They hunt threats daily to identify dangers from hacking groups and their
software then develop effective response methods against them.