Why Johnny Can't Patch: And What We Can Do About It[MP4] [0:29:50] [2013/04/09]Malware typically targets vulnerabilities that were fixed a long time ago. This only works because users are not installing security updates. We set out to find out who these users are, how many of…
Pass the Hash and Other Credential Theft and Reuse: Preventing Lateral Movement and Privilege…[MP4] [0:36:40] [2013/04/09]Pass the Hash and other credential theft and reuse has become one of the most popular attacks affecting our customers. In 2012, multiple of our high profile customers made their top priority to…
Why UEFI?[MP4] [0:42:15] [2013/04/09]After years of promises, 2012 finally saw the PC industry transition from the legacy BIOS interface to the slightly less legacy UEFI. UEFI gave us a firmware interface with modern functionality (High…
Building Trustworthy Windows Store Apps[MP4] [0:43:14] [2013/04/09]The new Windows Store App environment was built to provide the user with confidence: nothing bad should happen to the typical user, no matter how many Windows Store Apps they try, buy, and uninstall.…
Don't Stand So Close To Me: An Analysis of the NFC Attack Surface[MP4] [0:46:40] [2013/04/09]"Near Field Communication (NFC) has been used in mobile devices in some countries for a while and is now emerging on devices in use near you. This technology allows NFC-enabled devices to…
Stuff My Cloud Evangelist Says... Just Not My CSO[MP4] [0:44:46] [2013/04/09]No description available.
Scriptless Attacks: Stealing the Pie Without Touching the Sill[MP4] [0:41:44] [2013/04/09]Due to their high practical impact, Cross-Site Scripting (XSS) attacks have attracted a lot of attention from the security community members. In the same way, a plethora of more or less effective…
Social Authentication[MP4] [0:41:25] [2013/04/09]Passwords suck. Security questions are a joke. Two-factor? Hah. Web authentication is frustratingly broken. Over the past year, Facebook engineers have been experimenting with various attempts to…
Fraud and Abuse, A Survey of Life on the Internet Today[MP4] [0:30:39] [2013/04/09]As the world continues to move more and more online and toward the cloud, so have the people who target our customers with fraud and abuse. In this talk I will give insights into the types of issues…