YoVDO

A Practical Attack Against MDM Solutions

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Malware Detection Courses iOS Security Courses

Course Description

Overview

Explore a novel proof-of-concept attack technique that bypasses traditional mobile malware detection measures and circumvents common Mobile Device Management (MDM) features in this Black Hat USA 2013 conference talk. Delve into the world of spyphones, surveillance tools surreptitiously planted on users' handheld devices, and learn how these mobile cyber-espionage attacks are carried out. Discover the differences between typical malicious mobile applications and spyphones used by nation-states. Gain insights into how this attack method can overcome encryption and other MDM security measures. Follow along as the speakers demonstrate the attack steps, including root vulnerability exploitation, secure container installation, and container hooking. Understand the key issues surrounding mobile device security and the proposed layer approach to address these vulnerabilities. Conclude with a recap of the presented information and participate in a Q&A session to further explore this critical topic in mobile security.

Syllabus

Introduction
Mobile Malware
Mobile Remote Access
Examples
Types
Benchmarks
Largescale experiment
Results
Agenda
What is MDM
What MDM solutions provide
Secure Container
Assumptions
Demo
Steps
Root Vulnerability
Securing Container
iOS
Install Secure Container
Hook Secure Container
Conclusion
Summary
Key Issues
Layer Approach
Recap
Questions


Taught by

Black Hat

Related Courses

Ethical Hacking: Mobile Devices and Platforms
LinkedIn Learning
Learning Mobile Device Security
LinkedIn Learning
Supporting Face ID and Touch ID Authentication in iOS Using Swift 5
Pluralsight
CNIT 128: Hacking Mobile Devices
CNIT - City College of San Francisco via Independent
Ethical Hacking: Hacking Mobile Platforms
Pluralsight