Untuk memberi Anda pengalaman terbaik, situs ini menggunakan cookie. Tinjau Kebijakan Privasi kami dan Ketentuan Layanan untuk belajar lebih. Mengerti!
Artwork

Podcasting Tech Blackhat Briefings Blackhat Japan 2005 Hacking Computer Security Information Security InfoSec Speeches Presentations Audio Tech News Japan Jeff Moss
Konten disediakan oleh Black Hat and Jeff Moss. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Black Hat and Jeff Moss atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !
Get it on App Store Get it on Google Play

Black Hat Briefings, Japan 2005 [Audio] Presentations from the security conference
Jeremiah Grossman: Phishing with Super Bait (English)

1:05:44
 
Putar
Memutar
Bagikan
 

MP3Beranda episode
Manage episode 153983871 series 1109073
Konten disediakan oleh Black Hat and Jeff Moss. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Black Hat and Jeff Moss atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
"The use of phishing/cross-site scripting (XSS) hybrid attacks for financial gain is spreading. It?s imperative that security professionals familiarize themselves with these new threats to protect their websites and confidential corporate information. This isn't just another presentation about phishing scams or cross-site scripting. We?re all very familiar with each of those issues. Instead, we?ll discuss the potential impact when the two are combined to form new attack techniques. Phishers are beginning to exploit these techniques, creating new phishing attacks that are virtually impervious to conventional security measures. Secure sockets layer (SSL), blacklists, token-based authentication, browser same-origin policy, and monitoring / take-down services offer little protection. Even eyeballing the authenticity of a URL is unlikely to help. By leveraging cross-site scripting, the next level of phishing scams will be launched not from look-alike web pages, but instead from legitimate websites! This presentation will demonstrate how these types of attacks are being achieved. We'll also demonstrate the cutting edge exploits that can effectively turn your browser into spyware with several lines of JavaScript. And, we'll give you the steps you need to take to protect your websites from these attacks. Jeremiah Grossman is the founder and Chief Technology Officer of WhiteHat Security (http://www.whitehatsec.com), where he is responsible for web application security R&D and industry evangelism. As a seven-year industry veteran and well-known security expert, Mr. Grossman is a frequent international conference speaker at the Blackhat Briefings, ISSA, ISACA, NASA, and many other industry events. Mr. Grossman's research, writings, and discoveries have been featured in USA Today, VAR Business, NBC, ABC News (AU), ZDNet, eWeek, BetaNews, etc. Mr. Grossman is also a founder of the Web Application Security Consortium (WASC), as well as a contributing member of the Center for Internet Security Apache Benchmark Group. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo!, responsible for performing security reviews on the company's hundreds of websites."
  continue reading

14 episode

#Podcasting #Tech #Blackhat Briefings #Blackhat Japan 2005 #Hacking #Computer #Security #Information Security #InfoSec #Speeches #Presentations #Audio #Tech News #Japan #Jeff Moss
Artwork

Jeremiah Grossman: Phishing with Super Bait (English)

Black Hat Briefings, Japan 2005 [Audio] Presentations from the security conference

published

Putar Memutar
iconBagikan
 
MP3Beranda episode
Manage episode 153983871 series 1109073
Konten disediakan oleh Black Hat and Jeff Moss. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Black Hat and Jeff Moss atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
"The use of phishing/cross-site scripting (XSS) hybrid attacks for financial gain is spreading. It?s imperative that security professionals familiarize themselves with these new threats to protect their websites and confidential corporate information. This isn't just another presentation about phishing scams or cross-site scripting. We?re all very familiar with each of those issues. Instead, we?ll discuss the potential impact when the two are combined to form new attack techniques. Phishers are beginning to exploit these techniques, creating new phishing attacks that are virtually impervious to conventional security measures. Secure sockets layer (SSL), blacklists, token-based authentication, browser same-origin policy, and monitoring / take-down services offer little protection. Even eyeballing the authenticity of a URL is unlikely to help. By leveraging cross-site scripting, the next level of phishing scams will be launched not from look-alike web pages, but instead from legitimate websites! This presentation will demonstrate how these types of attacks are being achieved. We'll also demonstrate the cutting edge exploits that can effectively turn your browser into spyware with several lines of JavaScript. And, we'll give you the steps you need to take to protect your websites from these attacks. Jeremiah Grossman is the founder and Chief Technology Officer of WhiteHat Security (http://www.whitehatsec.com), where he is responsible for web application security R&D and industry evangelism. As a seven-year industry veteran and well-known security expert, Mr. Grossman is a frequent international conference speaker at the Blackhat Briefings, ISSA, ISACA, NASA, and many other industry events. Mr. Grossman's research, writings, and discoveries have been featured in USA Today, VAR Business, NBC, ABC News (AU), ZDNet, eWeek, BetaNews, etc. Mr. Grossman is also a founder of the Web Application Security Consortium (WASC), as well as a contributing member of the Center for Internet Security Apache Benchmark Group. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo!, responsible for performing security reviews on the company's hundreds of websites."
  continue reading

14 episode

#Podcasting #Tech #Blackhat Briefings #Blackhat Japan 2005 #Hacking #Computer #Security #Information Security #InfoSec #Speeches #Presentations #Audio #Tech News #Japan #Jeff Moss

Minden epizód

×
 
Loading …

Selamat datang di Player FM!

Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.

 

Dengarkan 500+ topik
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !
Get it on App Store Get it on Google Play

Panduan Referensi Cepat

Podcast Teratas
Laga Raga - Berita Olahraga Terkini
Digipreneur Podcast - Digital Marketing, Startup, Teknologi, dan Bisnis Online di Indonesia
Podcast Awal Minggu
Dummy Podcast Indonesia
Show Box
Rasarab - Indonesia
Indonesian News - NHK WORLD RADIO JAPAN
Asumsi Bersuara
Actionesia
Sains Sekitar Kita
TemuKonco Podcast
Player FM logo
Bantuan/FAQ | Tingkatkan | Mengiklankan
Seni|Bisnis|Komedi|Ekonomi|Hiburan|Berita|Politik|Agama
Ilmu Pengetahuan|Sepak Bola|Olah raga|Cerita|Teknologi|Kejahatan
Hak Cipta 2024 | Peta Situs | Kebijakan Privasi | Ketentuan Layanan | | hak cipta
Episode being played series thumbnail
icon icon
Kecepatan
Pengaturan Seri
1x
1x
Volume
100%
icon
icon icon
/

Lihat Player FM di ...
Player FM
Browser
Chrome
Safari
Firefox