hotwing, a brother of skywing, has been working at Microsoft as a security researcher/developer for almost 9 years now. Nobody knows exactly what he’s working on, but a legend says he has been involved in various lucrative projects such as zero day attacks and an underground market where he made a fortune. His brother denies the rumor but their 5 Swiss bank accounts seem to indicate otherwise.
[Abstract] Finding zero days exploited in the wild is an interesting business. Given the fact that not all zero day attacks succeed and many end up in crash dumps, studying crash dumps for zero days is profitable. This talk covers some of the interesting characteristics of crash dumps in terms of zero day hunting and introduces hunting techniques to identify real attacks out of millions of crash dumps.