Video: Practical exploitation using a malicious SSID
Posted on 04 October 2013.
In this video from DerbyCon, Deral Heiland discusses the leveraging of SSIDs to inject various attacks into wireless devices, and management consoles. The type of injection attacks discussed includes XSS, CSRF, command injection and format strings attacks.
Heiland also talks about various malicious SSID restrictions, limitations, and potential attack success dependencies. Using live demonstrations he shows how each of these attack methods are carried out and how common this attack vector potentially is.
Posted on 18 August 2014. | In this podcast recorded at Black Hat USA 2014, Silvio Cesare, Director of Anti-Malware Engineering at Qualys, discusses the security measures of a number of household devices and things.
Posted on 18 August 2014. | In this interview, Morris Altman, the Director of Network Services and Internet Security Officer at Queens College, talks about his job, the biggest challenges and threats his team faces, exchanging knowledge, and more.
Posted on 15 August 2014. | The Gameover Zeus gang, whose activity has been temporarily foiled by a successful multi-national law enforcement takedown in June, is trying to regain lost ground. The new malware variant - dubbed newGOZ - has been modified to know when particular C&C domains will be online.