BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: OAuth-some Security Tricks: Yet more OAuth abuse\n  
  When: Saturday\, Aug 13\, 10:00 - 10:40 PDT\n   Where: Flamingo - Sunset-
 Scenic Ballroom (Cloud Village) - [1]Map\n\n   SpeakerBio:Jenko Hwong\n   
 Jenko Hwong is a Principal Researcher on Netskope's Threat Research\n   Te
 am\, focusing on cloud threats/vectors. He's spent time in\n   engineering
  and product roles at various security startups in\n   vulnerability scann
 ing\, AV/AS\, pen-testing/exploits\, L3/4 appliances\,\n   threat intel\, 
 and Windows security.\n   Twitter: [2]@jenkohwong\n\n   Description:\n   J
 oin in this deep dive looking at new abuses of OAuth 2.0. We'll look\n   a
 t a variety of attacks including phishing and stolen credential\n   attack
 s\, starting with Microsoft authorization code grant to Google\n   authori
 zation code grant using copy/paste. We'll then move on to new\n   attacks 
 including: OWA browser attacks\, Chrome attacks\, different SaaS\n   OAuth
  implementations\, upstream SSO attacks\, and hidden uses of OAuth\n   in 
 Google App Scripting and Google Cloud Shell.\n\n   In a nod to Penn and Te
 ller\, with each attack\, we'll reveal the\n   underlying secret technique
 s used\, why and how it works\, and what can\n   be generalized. We'll the
 n show how the most common defensive measures\n   (e.g. MFA\, IP allow lis
 ts\, application allow lists\, authorization\n   controls) are used to mit
 igate each attack\, then adjust the attack to\n   bypass the defensive mea
 sure. We'll also discuss what vendors have\n   been doing to mitigate thes
 e attacks and whether they are effective.\n\n   Code for any demo/POCs wil
 l be made available as open-source.\n\n   '\n\n   1. https://defcon.outel.
 org/consolidated_page.html#FlamingoThirdFloor\n   2. https://twitter.com/j
 enkohwong\n\n\n
DTEND:20220813T174000Z
DTSTART:20220813T170000Z
LOCATION:CLV - Flamingo - Sunset-Scenic Ballroom  (Cloud Village)
SUMMARY:OAuth-some Security Tricks: Yet more OAuth abuse
END:VEVENT
END:VCALENDAR
