|Closed captioning will be available in English and Japanese for all keynotes and RSAC track sessions.
Please note: All times are in SGT.
With most IoTs moving towards cloud platforms, it seemed appropriate to look at their implementations. And boy did the team hit “insecurity gold”! Authentication bypasses, device tampering and RCE. And the beauty of it is that it’s no longer needed to iterate the IP space and find open ports since one bad cloud implementation allows attackers to interact with all devices from the vendor.
Pre-Requisites: Strong networking skills and understanding of tampering with APIs, MQTT, AWS S3. While not mandatory, it would help if the audience had some knowledge of buffer overflows, ROP and command injection for the RCE demos.