[OWASP-Switzerland] OWASP Switzerland Meeting - June 7th 2016

• Previous message: [OWASP-Switzerland] hardwear.io CFP 2016 - Hardware Security Conference Call for Papers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi everyone,

I’d like to invite you to our next OWASP Switzerland meeting, taking place
on June 7th 2016. If you want to attend, please make sure to register for
the event with your *full name* through
http://doodle.com/poll/7qh388sgvhczbqrv

Space is limited.





* When:

Tuesday, June 7th 2016

Starting at 18:00

Doors at 17:30





* What (presentation):

"The Tale of a Fameless but Widespread Vulnerability" by Veit Hailperin
(Scip)


Two key components account for finding vulnerabilities of a certain class:
awareness of the vulnerability and ease of finding the vulnerability.
Cross-Site Script Inclusion (XSSI) vulnerabilities are not mentioned in the
de facto standard for public attention - the OWASP Top 10. Additionally
there is no publicly available tool to facilitate finding XSSI. The impact
reaches from leaking personal information stored, circumvention of
token-based protection to complete compromise of accounts. XSSI
vulnerabilities are fairly wide spread and the lack of detection increases
the risk of each XSSI. In this talk I am going to demonstrate how to find
XSSI, exploit XSSI and also how to protect against XSSI exploitation.





* Where:

Swisscom

Pfingstweidstrasse 51

8005 Zürich

(https://goo.gl/maps/d3eqUeT3zQ12)





* Who:

As usual, all of our meetings are open to everyone and free of charge.




* Agenda

17:30 | Doors will open

18:00 – 18:15 | Update on OWASP

18:20 – 19:00 | Talk

19:15 – **:** | Dinner



* Dinner:

For those of you, who would like to grab a bite afterwards, please
additionally select the “Dinner” checkbox during your registration. This
will allow us to reserve a large enough location.




I hope to see all of you there. ;)





Regards,

Rob



--

Robert Schneider

OWASP Switzerland

https://www.owasp.ch

https://www.twitter.com/OWASP_ch
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-switzerland/attachments/20160519/4c2bdc45/attachment.html>

• Previous message: [OWASP-Switzerland] hardwear.io CFP 2016 - Hardware Security Conference Call for Papers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]