[OWASP-Switzerland] OWASP Switzerland Meeting - June 7th 2016
Robert Schneider
robert.schneider at owasp.org
Thu May 19 08:30:24 UTC 2016
Hi everyone,
I’d like to invite you to our next OWASP Switzerland meeting, taking place
on June 7th 2016. If you want to attend, please make sure to register for
the event with your *full name* through
http://doodle.com/poll/7qh388sgvhczbqrv
Space is limited.
* When:
Tuesday, June 7th 2016
Starting at 18:00
Doors at 17:30
* What (presentation):
"The Tale of a Fameless but Widespread Vulnerability" by Veit Hailperin
(Scip)
Two key components account for finding vulnerabilities of a certain class:
awareness of the vulnerability and ease of finding the vulnerability.
Cross-Site Script Inclusion (XSSI) vulnerabilities are not mentioned in the
de facto standard for public attention - the OWASP Top 10. Additionally
there is no publicly available tool to facilitate finding XSSI. The impact
reaches from leaking personal information stored, circumvention of
token-based protection to complete compromise of accounts. XSSI
vulnerabilities are fairly wide spread and the lack of detection increases
the risk of each XSSI. In this talk I am going to demonstrate how to find
XSSI, exploit XSSI and also how to protect against XSSI exploitation.
* Where:
Swisscom
Pfingstweidstrasse 51
8005 Zürich
(https://goo.gl/maps/d3eqUeT3zQ12)
* Who:
As usual, all of our meetings are open to everyone and free of charge.
* Agenda
17:30 | Doors will open
18:00 – 18:15 | Update on OWASP
18:20 – 19:00 | Talk
19:15 – **:** | Dinner
* Dinner:
For those of you, who would like to grab a bite afterwards, please
additionally select the “Dinner” checkbox during your registration. This
will allow us to reserve a large enough location.
I hope to see all of you there. ;)
Regards,
Rob
--
Robert Schneider
OWASP Switzerland
https://www.owasp.ch
https://www.twitter.com/OWASP_ch
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-switzerland/attachments/20160519/4c2bdc45/attachment.html>
More information about the Owasp-Switzerland
mailing list