A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Blurred Lines - When Digital Attacks Get Physical — Phil Grimes (Circle City Con 2014 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

Blurred Lines- When Digital Attacks Get Physical — Phil Grimes
Circle City Con 2014

Abstract: As the vulnerability landscape evolves, the threat agent changes with it. Where network level vulnerabilities once ruled, the application layer has become one of the most popular and fruitful surfaces to attack. But most breaches are the result of a multi-faceted effort which combines some level of technical hacking with social engineering.

During this session, learn how these blurred lines intersect, how vectors of one paradigm often relate to another. In a talk that approaches the social engineering aspect from a different angle, we’ll discuss the OWASP Top 10 list from 2013 and how these attacks can be mapped from web application security to be used to hack the human element. The vulnerabilities found in this Top 10 list are significant in terms of web application security but with the creativity of a composite attacker, learn how they can be used in the physical world and aimed at the weakest link in the security chain, the people, to cause damage or infiltrate an organization. This is a 45 minute presentation built around stories of real world examples, with a 15 minute Q&A or open discussion. This advanced session is aimed at penetration testers, management, and workers on the front lines who might fall prey to social engineering attacks as they interface with the public or an organization’s customer base.

Back to Circle City Con 2014 Videos list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast