A wide variety of video material distributed by the Chaos Computer Club.This feed contains events from the last two years
Date | Title & Description | Contributors |
---|---|---|
2024-11-13 | Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://c3voc.de |
|
2024-11-13 | Web security is increasingly an opt-in approach, leaving developers with both the opportunity and the responsibility to protect their applications. This talk will explore why and how developers can secure their sites against evolving threats. We'll de... |
|
2024-11-13 | Browser extensions are powerful tools that enhance the web browsing experience, offering their users a wide range of functionalities. However, these features can also introduce security and privacy issues for their users, mainly through a technique kno... |
|
2024-11-13 | Recent developments in web technologies have seen a paradigm shift from monolithic server-based applications to REST-based microservices with feature-rich browser-based frontends. This progression has brought with it novel classes of security flaws. In... |
|
2024-11-13 | Web apps use Server-Side Requests to request data from other servers, e.g., for link previews. However, they are exploited by attackers who might request internal resources or non-public services. This attack is called Server-Side Request Forgery (SSRF... |
|
2024-11-13 | The need for comprehensive measurements of security and privacy risks on the Web is undeniable as it helps developers in focusing on emerging trends in security. However, large-scale scans for server-side vulnerabilities remains a sensitive topic, due ... |
|
2024-11-13 |
SAP from an Attacker's Perspective – Common Vulnerabilities and Pitfalls (god2024) As organizations increasingly rely on SAP systems to manage critical business processes, the security of these environments is an increasing challenge for companies and has also been recognized by the OWASP Core Business Application Security (CBAS) pro... |
|
2024-11-13 |
Network Fingerprinting for Securing User Accounts - Opportunities and Challenges (god2024) Network fingerprinting exists for a while and some methods such as JA3 have achieved wide adoption across the industry. Introducing network fingerprinting into login flows can help you stave off attackers. However, there are various challenges that you... |
|
2024-11-13 |
The Debian OpenSSL bug and other Public Private Keys (god2024) In early 2024, hundreds of DKIM setups still used cryptographic keys vulnerable to a bug from 2008 in Debian's OpenSSL package. Vulnerable hosts included prominent names like Cisco, Oracle, Skype, and Github. In 2022, it was discovered that printers g... |
|
2024-11-13 | Viele Teams stehen vor der Herausforderung, beim Threat Modeling relevante Bedrohungen zu identifizieren, insbesondere wenn nur wenig Security-Expertise vorhanden ist. Die Auswahl und Bewertung von potenziellen Risiken kann für Nicht-Experten schwierig... |
|