Video: Practical exploitation using a malicious SSID
Posted on 04 October 2013.
In this video from DerbyCon, Deral Heiland discusses the leveraging of SSIDs to inject various attacks into wireless devices, and management consoles. The type of injection attacks discussed includes XSS, CSRF, command injection and format strings attacks.
Heiland also talks about various malicious SSID restrictions, limitations, and potential attack success dependencies. Using live demonstrations he shows how each of these attack methods are carried out and how common this attack vector potentially is.
Posted on 28 August 2014. | As an active adventure gamer, Dwayne Melancon, CTO at Tripwire, noticed that some of the things he does to achieve success in video games can be applied to information security.
Posted on 27 August 2014. | Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.
Posted on 26 August 2014. | Stuart McClure, CEO at Cylance, talks about how the information security industry has evolved when it comes to detecting bad guys, but it's being mostly reactive and not proactive.