A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


An Inconvenient Truth: Evading the Ransomware Protection in Windows 10 - Soya Aoyama Derbycon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

An Inconvenient Truth: Evading the Ransomware Protection in Windows 10
Soya Aoyama
Derbycon 2018

The WannaCry cyber-attack all over the world in May, 2017 is still fresh in our minds. The malware encrypted and rendered useless hundreds of thousands of computers in over 150 countries. As a measure against ransomware, Microsoft introduced the function "Ransomware protection" in "Windows 10 Fall Creators Update". How does this function work? Is it really effective? In this talk, I will explain the operation principles of "Controlled folder access" of "Ransomware protection" through demonstration video. Then I show the requirements to avoid this function, and describe that this function can be avoided very easily. And I will ask you that we may have to reconsider the definition of vulnerability.

Soya Aoyama is security researcher at Fujitsu System Integration Laboratories Limited. Soya has been working for Fujitsu more than 20 years as software developer of Windows, and had been writing NDIS drivers, Bluetooth profiles, Winsock application, and more, and started security research about 3 years ago.Soya has gave presentation in AVTOKYO 2016 and BSides Las Vegas 2017 in the past.

@SoyaAoyama

Back to Derbycon 2018 video list

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast