BSidesLV 2016 has ended
Welcome to BSidesLV 2016, our 8th annual BSides in beautiful Las Vegas, Nevada!
Back To Schedule
Tuesday, August 2 • 15:00 - 15:55
Exposing the Neutrino EK: All the Naughty Bits

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The Angler Exploit Kit (EK) is now dead. In the wake of Angler's death, Neutrino has taken the lion's share of the EK market. As such, Neutrino has evolved into one of the most critical threats to users of the Information Superhighway. Try as we might, we simply cannot avoid our users from being redirected to EK landing pages. The simple question is: WHY DAMNIT?! This talk focuses on the ins and outs of the new king of the hill: Neutrino. We will discuss the modern EK along with Neutrino's dominance. We will then break down exactly how Neutrino works: We'll start with compromised site redirection methods, rock some landing page de-obfuscation, have fun reversing Flash, and end with exploit + shellcode analysis. If you'd like to know exactly how this little bastard does its dirty work, bring your butt to the talk!

avatar for Ryan J Chapman

Ryan J Chapman

Senior IR Analyst, Bechtel Corporation
Ryan Chapman works as a Senior Incident Response analyst. Prior to security, Ryan worked as a technical trainer. Ryan enjoys malware analysis, host/network-based forensics, and… just about everything else that has to do with blue team efforts. Outside of work, Ryan spends time with... Read More →

Tuesday August 2, 2016 15:00 - 15:55 PDT
Common Ground Florentine G