BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Relative Path File Injection: The Next Evolution in 
 RPO\n   When: Friday\, Aug 9\, 14:00 - 14:30 PDT\n   Where: LVCC West/Floo
 r 2/W228-W230/W228-W230-ASV Main Stage - [1]Map\n\n   Description:\n\n   M
 ost web security professionals are familiar with Relative Path\n   Overwri
 te (RPO) attacks that allow injecting malicious CSS via a quirk\n   in how
  browsers handle paths. But what if you could use a similar\n   technique 
 to get victims to download malicious files by clicking an\n   innocuous lo
 oking download link on a trusted site? In this\n   presentation\, we'll un
 veil a new attack vector dubbed Relative Path\n   File Injection (RPFI) th
 at abuses path handling to turn benign\n   websites into malware delivery 
 platforms. Attendees will learn the\n   anatomy of an RPFI attack\, see de
 mos of it in action\, and learn how to\n   detect this overlooked vulnerab
 ility class in the wild. We'll also\n   release an open source GitHub repo
  with proof of concepts for users to\n   try for themselves. RPFI represen
 ts a new breed of polyglot-based\n   attack that exploits gaps between web
  specifications and real-world\n   implementations.\n\n   SpeakerBio:  Ian
  Hickey\n\n   Ian Hickey\, is a software developer in the Edtech space and
  devotes\n   some time each week trying to solve problems that have not be
 en solved\n   before. His professional journey has been a unique blend of 
 coding and\n   education. As a software developer\, he delved deep into th
 e\n   intricacies of how technology can enhance learning experiences. He\n
    mostly dabbles in security as a hobby. I am a lifelong hacker and I'm\n
    an active member of HackerOne and similar bug bounty programs.\n\n   '\
 n\n   1. #LVCCW_Level2_North\n\n\n
DTEND:20240809T213000Z
DTSTART:20240809T210000Z
LOCATION:APV - LVCC West/Floor 2/W228-W230/W228-W230-ASV Main Stage
SUMMARY:Relative Path File Injection: The Next Evolution in RPO
END:VEVENT
END:VCALENDAR