Noushin Shabab
Noushin is a senior security researcher at Kaspersky's GReAT team specialising in reverse engineering and targeted attack investigations.

Her research focuses on advanced cyber criminal activities and targeted attacks. Prior to joining Kaspersky Lab, Noushin used to work as a senior malware analyst and software developer with first hand knowledge of rootkit analysis, detection techniques and APT attack investigations.

Noushin is an active speaker at different local and international conferences, some examples are INTERPOL World, MRE, Ruxcon2017, BSides Wellington 2017, Security Analyst Summit(SAS), AusCERT2018 and Kawaiicon Conferences.

Tutorial: Analysing and reverse engineering the most common exploits in the wild

In the world of cyber attacks, exploiting a vulnerability on a system is one of the most common ways to gain a foothold on a victim’s machine or to elevate the level of access to the resources of a machine which an attacker has already compromised.

However understanding how a piece of exploit code takes advantage of a vulnerability, is not always straightforward, even for experienced security experts.

In this workshop we will learn how the most commonly exploited vulnerabilities are being used in real attacks. We will focus on cases of exploits from the most sophisticated threat actors, dissect and analyse them one by one to understand their logic.

In order to get a better understanding of how exploits work in general, we chose CVEs targeting different softwares and platforms such as Microsoft Windows, Microsoft Office, Adobe and so on.

Target audience:
-Security analysts
-Malware analysts
-Red teamers
-Blue teamers
-Security enthusiasts in general

-Basic understanding of Microsoft Windows and Microsoft Office internals.
-Familiarity with vulnerability and exploit concepts.
-Intermediate skills in one or more scripting languages.

Learning outcomes:
-Learning about various malware analysis tools and how to use them.
-Thorough understanding of common exploit techniques and how they are used in the wild.
-Ability to analyse and understand the vulnerabilities and how the exploits work generally.

Secure your place now!