DEF CON 29 – Jenko Hwong – New Phishing Attacks Exploiting OAuth Authentication Flows
OAuth 2.0 device authentication gives users on limited-input devices like TVs an easier way to authenticate against a cloud website/app
Read More
information security conference
DEF CON 29 – Shir Tamari, Ami Luttwak – New class of DNS Vulns Affecting DNS-as-Service Platforms
We present a novel class of DNS vulnerabilities that affects multiple DNS-as-a-Service (DNSaaS) providers. The vulnerabilities have been proven and
Read More
DEF CON 29 – Kelly Kaoudis, Sick Codes – Rotten code, aging standards, & pwning IPv4 parsing
Openness to responsibly disclosed external vulnerability research is crucial for modern software maintainers and security teams. Changes in upstream dependency
Read More
Travis Palmer – First Try DNS Cache Poisoning with IPv4 and IPv6 – DEF CON 27 Packet Hacking Village
DNS fragmentation attacks are a more recent series of cache poisoning attacks on resolvers. Even if DNSSEC is fully implemented,
Read More