Billy Rios Senior Security Researcher, VeriSign
Nathan McFeters Senior Security Advisor, Ernst & Young
Whats in a name? How do you know you should “trust” the content you are receiving? In today’s World Wide Web, we place a lot of “trust” into domain names. For many, domain names help determine the whether a particular link or file should be trusted, or eyed with suspicion. Domain name trust has even made its way into security systems, considering many of the protections built into our browsers are based strictly on domain names! In this talk, we’ll take a look at some simple ways to store and serve malicious content from some of the most popular servers on the Internet.
It’s time we rethink the ways we’ve implemented one of our most treasured Web resources… web mail. We’ll bite the hand that feeds us by abusing the very features that make web mail services so popular. We’ll show you how to use popular web mail servers as a repository for malicious content and how to serve that content to those surfing the World Wide Web (no email address required!)
For more information visit: http://bit.ly/defcon15_information
To download the video visit: http://bit.ly/defcon15_videos