Video: Practical exploitation using a malicious SSID
Posted on 04 October 2013.
In this video from DerbyCon, Deral Heiland discusses the leveraging of SSIDs to inject various attacks into wireless devices, and management consoles. The type of injection attacks discussed includes XSS, CSRF, command injection and format strings attacks.
Heiland also talks about various malicious SSID restrictions, limitations, and potential attack success dependencies. Using live demonstrations he shows how each of these attack methods are carried out and how common this attack vector potentially is.
Posted on 10 July 2014. | Nearly 70% of companies that are responsible for the world's power, water and other critical functions have reported at least one security breach that led to the loss of confidential information or disruption of operations in the past 12 months.
Posted on 9 July 2014. | Nearly two-thirds of UK IT decision-makers said they expect their organization to be the target of a cyber attack within the next 12 months. 32% of those surveyed confirm their business was hit by a cyber attack during the past year.
Posted on 8 July 2014. | DDoS attacks are quickly becoming the preferred method for cyber attackers to wreak havoc on the internet. With a recent spate of attention grabbing headlines focused on the hacker's favorite tool, this article busts some myths about DDoS attacks.
Posted on 8 July 2014. | Gray Hall, CEO at Alert Logic, illustrates today's top cloud security threats, tackles privacy and surveillance issues, and offers security best practices organizations should implement when moving to the cloud.
Posted on 7 July 2014. | Adam Ely, COO of Bluebox, discusses the most significant mobile security challenges for enterprise security professionals, illustrates how BYOD is shaping the enterprise mobile security landscape, and more.