COUNTERMEASURE25 Talk

Three Buddy Problem: LIVE // Costin Raiu, Ryan Naraine, Juan Andrés Guerrero-Saade

A special live recording of The Three Buddy Problem podcast, where three industry veterans tackle the complex, the controversial, and the downright weird corners of infosec. Sharp insights, unfiltered takes, current threats, hacker culture, and what's next for the security world.

TALK: CLFS Uncontained: Exploiting CLFS Without Touching the Log // Marco Ortisi, Ben Dumas

CVE-2025-29824 is a use-after-free in Windows CLFS that doesn't require tampering with CLFS containers. We discuss the root cause, reliable triggers, how it leads to kernel-level privilege escalation, detection strategies and potential forensic artefacts to monitor in real-world environments.

WORKSHOP: Writing a Windows Kernel Driver in 90 minutes // Pavel Yosifovich

Windows kernel driver writing may seem like "black magic", but like anything, it can be learned. In this code-packed session, we'll write one (or two) drivers from scratch, demonstrating the tools you need, and the foundations required for such a task.