We will explore two threats – Android stalkerware and XP exploits
UPDATE (May 13th, 2021): This article was updated to clarify information about the sessions that ESET researchers will host.
We are just a few days away from RSA Conference 2021 (May 17-20), an important annual event for the IT security industry and research. ESET is excited to have a strong presence on the virtual show floor, with its researchers set to host two much-anticipated sessions. Our very own Jean-Ian Boutin, Zuzana Hromcová and Lukáš Štefanko will provide deep dives into Windows XP exploits and Android stalkerware.
Both presentations will take place on May 17, the opening day of the conference. ESET researcher Lukáš Štefanko will address “Security: The Hidden Cost of Android Stalkerware” from 11:20 to 12:00 PDT (20:20 to 21:00 CEST). Stalkerware is used to spy on users by gathering, transmitting, and storing information about their activities. ESET Research has discovered serious vulnerabilities in Android stalkerware apps and their monitoring servers that, if exploited, could have a serious impact on the victims. Based on ESET telemetry, the number of stalkerware detections in 2020 rose by 48% compared to 2019. Lukáš will cover more than 80 different families of Android stalkerware and focus on security issues and privacy flaws in their code.
Immediately following Lukáš Štefanko, Head of Threat Research at ESET Jean-Ian Boutin and ESET researcher Zuzana Hromcová will take the virtual stage with “Beyond Living-Off-the-Land: Why XP Exploits Still Matter” from 12:05 to 12:45 PDT (21:05 to 21:45CEST). Living-Off-the-Land refers to a technique where attackers use legitimate, preinstalled tools to carry out their malicious operations. At ESET, we know how a vulnerable Windows XP DLL can quickly turn incident response into a nightmare – learn from our experience and leverage our guidance to fortify your defenses.
To watch the presentations live, register at the RSA Conference 2021 website. Be sure to check the conference’s full agenda for additional information, including which type of access pass works best for you. We hope to see you at the conference.
If you cannot join the event live, however, ESET Research has you covered. WeLiveSecurity.com will publish a white paper by Lukáš Štefanko on Android stalkerware on the first day of the conference.