Album De Fotos

•Transferir como PPS, PDF•

0 gostou•278 visualizações

Dolores Galván

Conferencia 19/11/2009

Tecnologia Turismo

Mais conteúdo relacionado

Destaque

The Future of Web Attacks - CONFidence 2010

Mario Heiderich

JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks

Mario Heiderich

Gestione della commessa

sata

This talk introduces and discusses a novel, mostly unpublished technique to successfully attack websites that are applied with state-of-the-art XSS protection. This attack labeled Mutation-XSS (mXSS) is capable of bypassing high-end filter systems by utilizing the browser and its unknown capabilities - every single f***** one of them. We analyzed the type and number of high-profile websites and applications that are affected by this kind of attack. Several live demos during the presentation will share these impressions and help understanding, what mXSS is, why mXSS is possible and why it is of importance for defenders as well as professional attackers to understand and examine mXSS even further. The talk wraps up several years of research on this field, shows the abhorrent findings, discusses the consequences and delivers a step-by-step guide on how to protect against this kind of mayhem - with a strong focus on feasibility and scalability.

The innerHTML Apocalypse

Mario Heiderich

JavaScript From Hell - CONFidence 2.0 2009

Mario Heiderich

ECMAScript 6, in short ES6, has been boiling in a copper pot for many years by now and step-by-step, browser vendors come forward to taste the first sips of this mystery soup. So, ES6 is no longer a theoretic language but already crawled across the doorstep and now lurks under your bed, ready for the nasty, waiting for the right moment to bite. Now, what is this whole ES6 thing? How did it develop and who made it? And why is it now implemented in your favorite browser? And what does it mean for web-security and beyond? This talk will answer these questions and showcase the new language from an attacker's perspective. You will see the new code constructs possible to be executed with ES6, new attack vectors and learn what you can do to tame that beast. Kafkaesque terminology such as expression interpolation, proper tail calls, computed properties, spread parameters, modules and tagged template strings will no longer be surprising you after attending this talk.

ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes,...

Mario Heiderich

The clipboard is one of the most commonly used tools across operating systems, window managers and devices. Pressing Ctrl-C and Ctrl-V has become so fundamentally important to productivity and usability that we cannot get rid of it anymore. We happily and often thoughtlessly copy things from one source and paste them into another. URLs into address-bars, lengthy commands into console windows, text segments into web editors and mail interfaces. And we never worry about security when doing so. Because what could possibly go wrong, right? But have we ever asked ourselves what the clipboard content actually consists of? Do we really know what it contains? And are we aware of the consequences a thoughtless copy&paste interaction can have? Who else can control the contents of the clipboard? Is it really just us doing Ctrl-C or is there other forces in the realm who are able to infect what we believe to be clean, who can desecrate what we trust so blindly that we never question or observe it? This talk is about the clipboard and the technical details behind it. How it works, what it really contains – and who can influence its complex range of contents. We will learn about a new breed of targeted attacks, including cross-application XSS from PDF, ODT, DOC and XPS that allow to steal website accounts faster than you can click, turn your excel sheet into a monster and learn about ways to smuggle creepy payload that is hidden from sight until it executes. Oh, and we’ll also see what can be done about that and what defensive measures we achieved to create so far.

Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...

Mario Heiderich

Scriptless Attacks - Stealing the Pie without touching the Sill

Mario Heiderich

An Abusive Relationship with AngularJS

Mario Heiderich

In the DOM, no one will hear you scream

Mario Heiderich

Destaque (10)

The Future of Web Attacks - CONFidence 2010

JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks

Gestione della commessa

The innerHTML Apocalypse

JavaScript From Hell - CONFidence 2.0 2009

ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes,...

Copy & Pest - A case-study on the clipboard, blind trust and invisible cross-...

Scriptless Attacks - Stealing the Pie without touching the Sill

An Abusive Relationship with AngularJS

In the DOM, no one will hear you scream

Último

EVOLUCION DE LA TECNOLOGIA Y SUS ASPECTOSpptx

JorgeParada26

Avances tecnológicos del siglo XXI 10-07 eyvana

mcerpam

Innovaciones tecnologicas en el siglo 21

mariacbr99

Buenos_Aires_Meetup_Redis_20240430_.pptx

Federico Castellari

How to use Redis with MuleSoft. A quick start presentation.

FlorenciaCattelani

Guia Basica para bachillerato de Circuitos Basicos

JhonJairoRodriguezCe

Avances tecnológicos del siglo XXI y ejemplos de estos

sgonzalezp1

investigación de los Avances tecnológicos del siglo XXI

hmpuellon

La sensibilidad al cobre por parte de microorganismos biolixiviadores es uno de los principales problemas que enfrenta la minería para mejorar los procesos de biolixiviación. En tal sentido, nosotros evaluamos la resistencia al cobre de un consorcio microbiano conformado por Sulfobacillus spp., y Acidithiobacillus ferrooxidans, el cual se propagó, en bioreactores de tanque aireado y agitado de 1 L, los cuales contenían medio 9K suplementado con hierro y concentraciones crecientes de cobre (200 mM, 400 mM, 600 mM, 800 mM y 1,000 mM) a 30°C con un pH de 1.6 durante 96 horas. Se colectó una muestra de cada biorreactor cada 8 horas, para realizar análisis, microscópicos y moleculares, además el cultivo del consorcio en placa mostró una resistencia al cobre hasta 1,000 mM.

Resistencia extrema al cobre por un consorcio bacteriano conformado por Sulfo...

JohnRamos830530

redes informaticas en una oficina administrativa

nicho110

Album De Fotos

1. Album de fotos

2. 1ª parte

10.

11. ¿ 2ª parte ?

12. ¿ Un AVE ?

13. ¿ Un auditorio ?

14. ¿ Otra depuradora ?

15. ¿ Una Biblioteca ?

16. ¿ Otro hospital ?

17. ¿ Otro transporte ?

18. ¿ Mas puente ?

19. ¿ Otro puerto ?

20. ¿ Otro Vigo ?

Album De Fotos

Recomendados

Recomendados

Mais conteúdo relacionado

Destaque

Destaque (10)

Último

Último (10)

Album De Fotos