Exposing Private Information from Side-Channel Leaks in your Browser
Thursday, November 17, 2016
11:00 HRS PT/14:00 HRS ET
60 minutes, including Q&A
Exposing Private Information from Side-Channel Leaks in your Browser by Tom Van Goethem
Building a Threat Hunting Program by Carl Manion
The web is constantly evolving, both on a technical level and in the way we interact with it. Because the web was originally designed as a static information retrieval platform, this evolution has brought along a large variety of security issues. Alongside the usual suspects such as SQL injection and XSS, a new class of web-based vulnerabilities is surfacing. Much like cross-site request forgery (CSRF), this "up-and-coming" class of vulnerabilities leverages the fact that browsers include cookies on requests to third-party websites. By exploiting side-channel leaks in browsers, adversaries can determine the size of the associated responses. In this webcast, we will explore three such attacks (browser-based timing attack, HEIST, storage side-channel attack) and show how they can be used to extract sensitive content from popular web services. In addition, we demonstrate that, in combination with other attacks, these side-channel leaks can be used to extract secret tokens from web pages, possibly leading to a full account compromise.
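The abstract's core point is that a response whose length depends on a logged-in user's private data leaks that data to anyone who can observe only the size of a cookie-bearing cross-site response. The following simulation is an added example and is not code from the webcast or its speakers: the toy search endpoint, its private messages, the `bucket` size and all function names are constructed assumptions. It shows the leak (different queries yield different response lengths) and a defender-side mitigation in which each response is padded with incompressible filler to a fixed-size bucket, so the length no longer tracks the secret.

```python
"""
Added example, not part of the original webcast page.  Simulates a
response-size side channel on a constructed endpoint and a padding mitigation.
"""
import secrets

# Constructed private data: the kind of content a logged-in user's search
# endpoint would return and a cross-site observer would like to infer.
PRIVATE_MESSAGES = ["meeting at 10 with alice", "password reset code 4821"]


def search_response(query: str) -> bytes:
    """Toy, unprotected endpoint (constructed): the body lists matching private
    messages, so its length depends on whether the secret data matches `query`."""
    hits = [m for m in PRIVATE_MESSAGES if query in m]
    body = "\n".join(f"<li>{m}</li>" for m in hits) or "<p>No results</p>"
    return ("<html><body><ul>" + body + "</ul></body></html>").encode()


def padded_response(query: str, bucket: int = 512) -> bytes:
    """Mitigation (constructed): pad every response to a multiple of `bucket`
    bytes.  The filler is random hex inside an HTML comment, so it survives
    gzip/brotli compression instead of being squeezed back to a tell-tale
    length (repetitive whitespace padding would compress away)."""
    raw = search_response(query)
    target = -(-len(raw) // bucket) * bucket
    if target - len(raw) < 8:          # need room for the "<!--" ... "-->" wrapper
        target += bucket
    filler_len = target - len(raw) - 7
    filler = secrets.token_hex(filler_len // 2 + 1)[:filler_len].encode()
    return raw + b"<!--" + filler + b"-->"


def observed_sizes(responder, probes):
    """Return the response length for each probe, i.e. everything a cross-site
    attacker who can measure only size (timing, HEIST, storage quota) learns."""
    return {q: len(responder(q)) for q in probes}


def leaks_size(responder, probes) -> bool:
    """True if at least two probes produce different lengths, meaning the size
    alone distinguishes them and therefore reveals something about the secret."""
    return len(set(observed_sizes(responder, probes).values())) > 1


if __name__ == "__main__":
    probes = ["alice", "bob", "4821"]
    print("unpadded:", observed_sizes(search_response, probes),
          "leaks:", leaks_size(search_response, probes))
    print("padded:  ", observed_sizes(padded_response, probes),
          "leaks:", leaks_size(padded_response, probes))
```

Bucketed padding only hides differences within a bucket; responses that straddle a bucket boundary still differ, so the bucket must be sized against the largest plausible response. The more fundamental fix, which this example does not show, is to stop the cross-site request from carrying the victim's cookies in the first place (for instance with `SameSite` cookie attributes), since the side channel is only useful when the response reflects the victim's authenticated state.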
Tom Van Goethem
Tom Van Goethem is a PhD researcher at the University of Leuven with a keen interest in web security and online privacy. In his research, Tom performs large-scale security experiments, both to analyse the presence of good and bad security practices on the web and to demystify security claims. More recently, Tom started exploring side-channel attacks in the context of the web, resulting in the discovery of browser-based timing attacks. In an attempt to make the web a safer place, Tom on occasion rummages the web in search of vulnerabilities.
Carl Manion, Managing Principal, Raytheon Foreground Security, has over 23 years of experience in cyber security services, cyber threat intelligence operations and related IT program management. He has extensive knowledge of threat hunting and SIEM, with expertise in enterprise security technologies, security operations management and incident response processes. Carl has led and managed security operations at several Fortune 500 companies.