Where's Waldo...'s Brothers and Sisters: Variant Analysis on Recent 0-days presented at BlueHatIL 2020

by Maddie Stone,

URL : https://youtu.be/mC1Pwsdy814

Summary : When 0-day exploits are used in the wild, vendors and the security community often focus on the specific vulnerability used in that exploit. While it's important and necessary to get that singular vulnerability patched, there are often more vulnerabilities like it that the actor has also found. This talk presents case studies into the variant analysis done on recent 0-day exploits that were used in the wild. The talk will discuss the variety of variant analysis techniques used in the different cases and both the positive and negative results yielded. By completing variant analysis each time a new 0-day is found, we can ensure that we're making it as hard and as expensive as possible to use 0-days in the wild. ​