Thomas Hoffecker � Exploiting PKI for Fun & Profit or The Next Yellow Padlock Icon? Derbycon 2011 (Hacking Illustrated Series InfoSec Tutorial Videos)

Feel free to include my content in your page via my
RSS feed Follow @irongeek_adc

Help Irongeek.com pay for
bandwidth and research equipment:
Subscribestar or Patreon

Search Irongeek.com:

Affiliates:

Help Irongeek.com pay for bandwidth and research equipment:

Thomas Hoffecker � Exploiting PKI for Fun & Profit or The Next Yellow Padlock Icon? Derbycon 2011 (Hacking Illustrated Series InfoSec Tutorial Videos)

Thomas Hoffecker � Exploiting PKI for Fun & Profit or The Next Yellow Padlock Icon?
Derbycon 2011

Public Key Infrastructure (PKI) provides a large attack surface for the pentester. While attacking PKI directly may seem like a juicy target, using the information freely provided by PKI is of much more value than attempting to compromise well protected and monitored servers. This talk will demonstrate the information disclosure that is present in PKI implementations of large organizations in the private and public sector. It will explore the use of that information for purposes of social engineering, phishing, and network recon/profiling. Users have been groomed to accept anything that is signed or encrypted. Misusing the trust that users place in PKI is the new yellow padlock icon!

Back to Derbycon 2011 video list

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.