viaForensics webinar: Mobile forensic challenges on iOS and Android
gmazurat May 01,2015 This presentation is not for the faint of heart if you do not know what php and cookies are. A highly technical discussion on how to reverse engineer the php cookie to hijack a session. Additionally the NAT pinning demonstration was very interesting. At the end of the day, the common denominator of all of the presenter's attacks is that they still rely upon the human to take or (not take) action to succeed. The XXXSS attack required some level of social engineering and phishing to click on a link and the NAT pinning requires folks not to change default settings on their routers and use strong security on home wireless networks. All boils down to being smart about how you browse and who you communicate with online along with taking common sense security changes on your home network.
BretBlakeGMat May 05,2015 This video presentation is a very fun, if a bit troubling, watch. The presenter takes his time to explain things in a clear method using alot of humor to smooth it along. The information presented gives a good example of the process these attacks go about in order to gain their access. While many of the specific exploits shown have certainly been stopped up by all the major players. But for the vast majority of users out there that do not keep on top of all their software vulnerabilities, this information is still scary.
klevanat May 05,2015 With gmazur this one went into some depth. I think this guy likes a challenge or skirting the edge of what is legally acceptable.
marinomsat May 05,2015 Finding out how/why he was not allowed to touch a computer was pretty interesting. The work, and break down of his work, to communicate with this user via facebook is very interesting and how the bits our broken down when trying to be able to crack this SHA-1 code.
kcn278at May 07,2015 I like the reference with the Geolocation he made with Jack Bauer. I agree with him that privacy is diminishing; eventually it will be a luxury to have privacy.