�ݺ�ߣshows by User: tomvangoethem

�ݺ�ߣshows by User: tomvangoethem / http://www.slideshare.net/images/logo.gif �ݺ�ߣshows by User: tomvangoethem / Wed, 16 Oct 2019 12:44:53 GMT �ݺ�ߣShare feed for �ݺ�ߣshows by User: tomvangoethem Side-Channels on the Web: Attacks and Defenses /slideshow/sidechannels-on-the-web-attacks-and-defenses/182770755 owasp-poland-day-tom-van-goethem-2-191016124453
In this presentation we explore various side-channel attacks in the Web that can be used to leak information on cross-origin responses. These so-called XS-Leaks issues may allow an adversary to extract sensitive information from an unwitting visitor, ranging from personal information this victim shared with social media networks to CSRF tokens, which may lead to full account takeover. Finally, we discuss the various defenses that can be used to harden web applications against the different types of attacks.]]>
In this presentation we explore various side-channel attacks in the Web that can be used to leak information on cross-origin responses. These so-called XS-Leaks issues may allow an adversary to extract sensitive information from an unwitting visitor, ranging from personal information this victim shared with social media networks to CSRF tokens, which may lead to full account takeover. Finally, we discuss the various defenses that can be used to harden web applications against the different types of attacks.]]> Wed, 16 Oct 2019 12:44:53 GMT /slideshow/sidechannels-on-the-web-attacks-and-defenses/182770755 tomvangoethem@slideshare.net(tomvangoethem) Side-Channels on the Web: Attacks and Defenses tomvangoethem In this presentation we explore various side-channel attacks in the Web that can be used to leak information on cross-origin responses. These so-called XS-Leaks issues may allow an adversary to extract sensitive information from an unwitting visitor, ranging from personal information this victim shared with social media networks to CSRF tokens, which may lead to full account takeover. Finally, we discuss the various defenses that can be used to harden web applications against the different types of attacks. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/owasp-poland-day-tom-van-goethem-2-191016124453-thumbnail.jpg?width=120&height=120&fit=bounds" /><br> In this presentation we explore various side-channel attacks in the Web that can be used to leak information on cross-origin responses. These so-called XS-Leaks issues may allow an adversary to extract sensitive information from an unwitting visitor, ranging from personal information this victim shared with social media networks to CSRF tokens, which may lead to full account takeover. Finally, we discuss the various defenses that can be used to harden web applications against the different types of attacks.

Side-Channels on the Web: Attacks and Defenses from Tom Van Goethem

]]> 2417 2 https://cdn.slidesharecdn.com/ss_thumbnails/owasp-poland-day-tom-van-goethem-2-191016124453-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 https://cdn.slidesharecdn.com/profile-photo-tomvangoethem-48x48.jpg?cb=1582159460 tom.vg