Moti Joseph

Senior Security Researcher at VRL of COSEINC

Moti Joseph is currently a Senior Security Researcher with the Vulnerability Research Lab (VRL) of COSEINC.
He has been involved in computer security since 2000 and has been working on reverse engineering exploit code and developing security products for CheckPoint and WebSense Secuirty Labs.
Moti has spoken in many conferences including ; Blackhat Las Vegas, NOPcon, CONFidence, SyScan, ShakaCon, POC.

Presentation: What happens in Windows 8 stays in Windows 8

Systems evolve over time, patches are applied, holes are fixed, new features are added. Windows 10 is the new flagship product of Microsoft, and as prepared as it can be for a world of white-, grey- and black-hat hackers. System components underlie a tough vulnerability assessment process and are updated frequently to sort out security problems even before they arise. But just too often it happens that these clever fixes are not applied globally to all components, but just to the newest version of a library. Now we want to make use of exactly that fact to uncover potential vulnerabilities.

What we aim for are the forgotten treasures in Windows 8 libraries, holes that got fixed for the bigger brother at some point – but stay unfixed in Windows 8 until today. We will present a tool that makes it easy to spot these forgotten vulnerabilities. We can keep track of different versions of libraries of different operating systems and
automate the analysis process of a big file set. The focus lies on safe functions, which indicate a potential weakness when missing. The tool we show is flexible and extendible to integrate new features, adapt it to different database backends or generate new views on the data to analyse.

Presentation @DefCamp 2014