Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs

Explore practical attacks capable of compromising millions of targets, including tech giants and industry leaders, in this 46-minute Black Hat conference talk. Delve into techniques and methodologies designed to inspire out-of-the-box thinking among security researchers. Learn how enterprises can apply immediate mitigation strategies and understand that SSL VPN is not just a Virtual Private Network, but potentially a "Vulnerable Point of your Network." Presented by Orange Tsai and Meh Chang, this talk aims to shed light on the critical vulnerabilities in leading SSL VPNs and their implications for corporate intranets.

Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs