Security Hero Rotating Header Image

No Shortage of Security Vulnerabilities at RSA

No Shortage of Security Vulnerabilities at RSA

The RSA Conference is much more vendor-driven than shows like Black Hat or ShmooCon, but there is always room for talk about security vulnerabilities and threats in the wild.

This year, discussion of the threat landscape touched on everything from browser hijacking to wireless security to attacks on Voice-over-Internet Protocol (VoIP). More than one presenter during the conference spoke of the idea of assuming computers in your network have been compromised. In their presentation, Ed Skoudis, senior consultant for InGuardians, and Johannes Ullrich, chief research officer of the SANS Internet Storm Centre, outlined a number of attacks targeting enterprise networks.

Among the attacks the two highlighted was the well-known ¡§pass-the-hash¡¨ technique, a method used to compromise machines by checking a user’s cryptographic hash instead of their password. The duo also highlighted attacks on VoIP, as well as how hackers can turn infect Windows machines through drive-by downloads, turn on their wireless interfaces and use them in attacks from long distance without using radio frequency.


Leave a Reply

Your email address will not be published. Required fields are marked *