Owning entire organisations with regional software they've never heard of presented at SysCan 2012

by Ryan Macarthur, Beist ,

Summary : "Outsourcing is great right? Cheap labor/First to Market/Exploiting resources are all excellent reasons to set up a remote office. The problem in defending your newly acquired revenue center is that you cannot replicate your security practices and expect them to succeed against local threats. If you deployed the most popular/expensive US based security products would you feel protected? In this talk we will use South Korea as a case study. A short introduction to the criminal hacking scene in Korea will be given, and then a demo of us bypassing enterprise security solutions with a 0day in one of the most popular word processors in Korea (99% penetration) will be shown. How popular is that p2p client Xunlei in china? Why do state of the art malware detection appliances fall short? All this and more after Ben Nagy talks about fuzzing; don't miss it!"