I Am Whoever I Say I Am: Infiltrating Identity Providers Using a 0Click Exploit | allinfosecnews.com

Nov. 28, 2022, 6:56 p.m. | Black Hat

Black Hat www.youtube.com

To begin with, I will cover the foundational use-case for IAM solutions and some past in the wild attacks (ITW) attacks with the extent of their impact. Continuing, I will present the approach I took with the audit including the challenges and pitfalls that I was faced with and how I overcame them. The result concluding with an unauthenticated remote code execution as root by chaining multiple vulnerabilities on a very popular IAM solution used by several Fortune 500 companies …

exploit identity

More from www.youtube.com / Black Hat

Locknote: Conclusions and Key Takeaways from Day 2 1 week, 5 days ago | www.youtube.com

black hat black hat europe board board members +15

Locknote: Conclusions and Key Takeaways from Day 1 1 week, 5 days ago | www.youtube.com

black hat black hat europe board board members +16

Keynote: My Lessons from the Uber Case 1 week, 5 days ago | www.youtube.com

addition best practices case convicted +16

Keynote: Industrialising Cyber Defence in an Asymmetric World 1 week, 6 days ago | www.youtube.com

adversaries challenge cyber cyber defence +10

The Black Hat Europe Network Operations Center (NOC) Report 1 week, 6 days ago | www.youtube.com

back black hat black hat europe center +14

My Invisible Adversary: Burnout 2 weeks, 3 days ago | www.youtube.com

adversary attackers attacks burnout +11

The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 2 weeks, 3 days ago | www.youtube.com

analysis ask bad codeql +10

A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 2 weeks, 4 days ago | www.youtube.com

attacks call cloudflare detection +10

Collide+Power: The Evolution of Software-based Power Side-Channels Attacks 2 weeks, 4 days ago | www.youtube.com

addition attacks build collide+power +14

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

L2-Network Security Administrator

@ Kyndryl | KIN51515 Mumbai (KIN51515) We Work

View on infosec-jobs.com

Head of Cybersecurity Advisory and Architecture

@ CMA CGM | Marseille, FR

View on infosec-jobs.com

Systems Engineers/Cyber Security Engineers/Information Systems Security Engineer

@ KDA Consulting Inc | Herndon, Virginia, United States

View on infosec-jobs.com

R&D DevSecOps Staff Software Development Engineer 1

@ Sopra Steria | Noida, Uttar Pradesh, India

View on infosec-jobs.com