IoT Bug Hunting: From Shells to Responsible Disclosure

IoT Bug Hunting: From Shells to Responsible Disclosure

Shaun Mirani, Security Analyst, Independent Security Evaluators
Ian Sindermann, Associate Security Analyst 2, Independent Security Evaluators

Internet of things (IoT) have always been vulnerable. This study proved that security controls put in place by device manufacturers are insufficient against attacks carried out by remote adversaries. This talk will summarize some of the best stories from the research project aimed to uncover and leverage new techniques to circumvent these new security controls in embedded devices.Pre-Requisites: General familiarity with what IoT devices are and a cursory understanding of HTTP, network traffic analysis, *NIX shell command execution, DNS resolution, and basic web application vulnerabilities.

Related Post: