AutoSpill - Zero Effort Credential Stealing from Mobile Password Managers
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a novel attack called AutoSpill that compromises Android's secure autofill process to steal user credentials from mobile password managers. Learn how this vulnerability affects the majority of top Android password managers, even without JavaScript injections, and becomes universally exploitable when JavaScript injections are enabled. Discover the fundamental reasons behind AutoSpill and examine proposed systematic countermeasures to address this security issue. Gain insights into the responsible disclosure process undertaken with affected password managers and the Android security team, including the acknowledgment of the issue by various password managers and Google.
Syllabus
AutoSpill: Zero Effort Credential Stealing from Mobile Password Managers
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network