TRANSCRIPT
A Day in the Life of a Vulnerability Researcher
Vincent Lee, Vulnerability Researcher
Copyright 2017 Trend Micro Inc.
Who am I?
•Vulnerability Researcher @ ZDI
•BASc Computer Engineering
•Twitter: @trendytofu
What is ZDI? And what do we do?
ZERO DAY INITIATIVE
World's largest vendor-agnostic bug bounty program
How it works
•Vulnerability submitted to the ZDI program
•Vendor notified
•Digital Vaccine® filter created (Trend Micro customers protected ahead of patch; other network security vendors' customers at risk)
•Vendor response window
•Vulnerability is patched or remains unfixed
•Public disclosure
Trend Micro Research
Research areas:
•Threats
•Vulnerabilities & Exploits
•Cybercriminal Undergrounds
•IoT
•OT / IIoT
•AI & Machine Learning
•Future Threat Landscape
•Targeted Attacks
•Healthcare
Outputs:
•Coordinated disclosure
•Public/Private Partnerships (Law Enforcement, Industry, Consumers, Business, Government)
•Alerts, blogs, news, reports, guidance
•Free tools
•Insights to improve Trend Micro's core technology and products
•24x7 response, security updates, IPS rules…
Targeted Incentive Program
Pwn2Own Organizer
The Exploit Economy
Evolving Marketplace
Security researchers and hackers have a multitude of options available to sell their bugs:
White Market, Grey Market, Black Market
Marketplace
White Market
•Security Vendors
•Bug Bounty Programs
Gray Market
•Exploit Brokers
•Exploit Shops
•Exploit Intelligence Marketplace
Economy in Action
Researchers find bugs and can take one of three paths:
•Bug Bounty Program: report to vendor, sell report ($1K - $25K), signatures. Completely Legal*
•Vuln Broker / Government: $10K - $1000K (broker), $10K - $1000K (government). Used against ?? Mostly Legal*
•Exploit Writer: $10K - $100K. Sells exploit to a Bot Herder / Botnet Creator, who compromises PCs and rents the botnet to Spammers, DDoS, Extortion, Credential Harvesting. Smart Criminal makes one big purchase and sells stolen creds; Dumb Criminal buys beer & chips and re-sells stolen creds. Definitely Not Legal*
Responsibilities
Triage process in a nutshell
•Review report
•Acquire/install/configure product
•Run PoC and debug
•Reverse engineering to find out root cause, and determine exploitability
•Offer
•Detection guidance
ZDI-19-508 / CVE-2019-7824
Pwn2Own
•CanSecWest - Vancouver (March)
•PacSec – Tokyo (November)
Research
https://www.zerodayinitiative.com/blog/
Find us at these conferences
Plugging In
https://www.zerodayinitiative.com
@thezdi
PGP: https://www.zerodayinitiative.com/documents/zdi-pgp-key.asc
Fingerprint: 743F 60DB 46EA C4A0 1F7D B545 8088 FEDF 9A5F D228
Questions
Thank you for your time and attention