Video: Practical exploitation using a malicious SSID
Posted on 04 October 2013.
In this video from DerbyCon, Deral Heiland discusses the leveraging of SSIDs to inject various attacks into wireless devices, and management consoles. The type of injection attacks discussed includes XSS, CSRF, command injection and format strings attacks.
Heiland also talks about various malicious SSID restrictions, limitations, and potential attack success dependencies. Using live demonstrations he shows how each of these attack methods are carried out and how common this attack vector potentially is.
Posted on 19 November 2014. | Expectations for data security next year are surprisingly optimistic given the harsh reality of 2014. Enterprise security staffers are so confident that most respondents said they would "personally guarantee that their company's customer data will be safe in 2015."
Posted on 18 November 2014. | Ryan Ward, CISO at Avatier, talks about the overlooked benefits of risk assessment, offers best practices for performing successful risk assessments, outlines the pre-requisites for becoming a risk assessment professional, and more.
Posted on 17 November 2014. | Mark Gazit, the CEO of ThetaRay, talks about leveraging Big Data to secure networks, the advantages of using math-based anomaly detection as well as the evolution of threat detection in the past decade.