Video: Practical exploitation using a malicious SSID
Posted on 04 October 2013.
In this video from DerbyCon, Deral Heiland discusses the leveraging of SSIDs to inject various attacks into wireless devices, and management consoles. The type of injection attacks discussed includes XSS, CSRF, command injection and format strings attacks.
Heiland also talks about various malicious SSID restrictions, limitations, and potential attack success dependencies. Using live demonstrations he shows how each of these attack methods are carried out and how common this attack vector potentially is.
Posted on 16 September 2014. | (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.
Posted on 15 September 2014. | Public and community clouds can be appealing targets for hackers looking to disrupt or steal information from scores of organizations with one successful strike. Here are some emerging security threats and issues cloud providers and their clients should be aware of.
Posted on 12 September 2014. | Deploying SSL or TLS in a secure way is a great challenge for system administrators. This book aims to simplify that challenge by offering extensive knowledge and good advice - all in one place.
Posted on 10 September 2014. | We often hear about attacks against websites, most of which are mitigated by one of the many DDoS mitigation services available on the market. How do the big guys tackle these attacks? What weapons can an ISP bring to the battleground?