Sangfor at Defcon 2021 PR

Sangfor Technologies is proud to announce their presentation – Don't Dare to Exploit - An Attack Surface Tour of SharePoint Server – at DEFCON 29 in Las Vegas on August 7, 2021, outlining several previously unknown SharePoint attack surfaces, mitigations to these attack surfaces, and how these mitigations can be bypassed. The exploits will be demonstrated during the 45-minute presentation.

The presentation, by Sangfor BlueOps members Yuhao Weng and Zhiniang Peng, with security researcher Steven Seeley, selected from thousands submitted to DEFCON, will explain the security architecture of Microsoft SharePoint's server and how it differs from other popular Content Management System (CMS) products. From an offensive perspective, it will reveal several attack surfaces, mitigations implemented against them, and how those mitigations can be bypassed. Several high impact vulnerabilities (including CVE-2021-24072, CVE-2020-17120, and CVE-2020-17017) will be discussed detailing their discovery and exploitation.

SharePoint is the most well-known CMS used to share and manage content within organizations simplifying team collaboration. Zero-day vulnerabilities are exploited by cyber attackers to gain administrative access to networks for data theft or further infiltration and infection of the network.

DEFCON is the largest gathering of hackers from around the world, held annually in Las Vegas, Nevada, and is attended by the world's top security professionals, journalists, researchers, students, law enforcement – and yes, hackers.

Sangfor BlueOps Team 

Sangfor BlueOps, Sangfor's highly skilled defensive security testing or blue team, works to improve attack detection and defense strategies for all Sangfor's security solutions. Experienced security teams are the rock-stars of the cyber security world, keeping up with a constant flow of new cyber threats and vulnerabilities. Sangfor's BlueOps team is responsible for ensuring enterprises have the tools they need to respond effectively, identify threats quickly, and keep their software and users safe and productive.

About Sangfor Technologies

Sangfor is a leading global vendor of IT infrastructure and security solutions specializing in Cyber Security and Cloud Computing.

For more information on Sangfor's presentation, or on Sangfor's suite of security solutions such as NGFW & NDR, visit our website or social media pages.

Enjoy FREE use of the VMware ESXi version of Sangfor's Next Generation Application Firewall with free Virtual Public Network and Endpoint Secure endpoint protection, the total solution for a secure network with remote workers. Apply now.

Media Contact

Sunny Sun
marketing@sangfor.com
Tel: +86 755-8656 0605

 

CONTACT SANGFOR FOR BUSINESS INQUIRIES

Listen To This Post

Search

Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Related Articles

News

Sangfor Technologies Achieves Gold OPSWAT Endpoint Security Certification for Anti-Malware

Date : 20 Nov 2024
Read Now
Press Release

Sangfor Technologies Expands SASE Infrastructure in Malaysia with Second Point of Presence (POP)

Date : 18 Oct 2024
Read Now
News

Sangfor Technologies Wraps Up 2024 EMEA & LATAM EPIC Innovation Summit with Grand Success in Shenzhen

Date : 26 Sep 2024
Read Now

See Other Product

Cyber Command - NDR Platform
Endpoint Secure
Internet Access Gateway (IAG)
Sangfor Network Secure - Next Generation Firewall
Platform-X
Sangfor Access Secure