Video: Practical exploitation using a malicious SSID
Posted on 04 October 2013.
In this video from DerbyCon, Deral Heiland discusses the leveraging of SSIDs to inject various attacks into wireless devices, and management consoles. The type of injection attacks discussed includes XSS, CSRF, command injection and format strings attacks.
Heiland also talks about various malicious SSID restrictions, limitations, and potential attack success dependencies. Using live demonstrations he shows how each of these attack methods are carried out and how common this attack vector potentially is.
Posted on 27 August 2014. | Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.
Posted on 26 August 2014. | Stuart McClure, CEO at Cylance, talks about how the information security industry has evolved when it comes to detecting bad guys, but it's being mostly reactive and not proactive.
Posted on 25 August 2014. | The Center for the Study of the Presidency & Congress (CSPC) launched a project to bring together representatives from the Executive Branch, Congress, and the private sector to discuss how to better secure the U.S. electric grid.
Posted on 25 August 2014. | The importance of information security and technology risk management continues to grow, but many risk and security professionals continue to struggle with non-IT executive communication.