Mobile Security Attacks - A Glimpse from the Trenches
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore emerging mobile security threats in this 48-minute conference talk from AppSecUSA 2014. Delve into real-world attacks on mobile devices, covering physical, network, and application-level vulnerabilities. Learn about iOS malicious profiles, HTTP Request Hijacking, and other covert techniques employed by hackers. Gain insights from industry experts Yair Amit and Adi Sharabani as they present examples, statistics, and demonstrations of mobile security risks. Topics covered include the iOS security model, configuration profiles, certificate pinning, and Google's focus on malware. Understand the holistic outlook on mobile security and discover implementation and design-based vulnerabilities affecting mobile devices worldwide.
Syllabus
Intro
A Holistic Outlook on Mobile Security
The Physical Layer
Real World Incident Statistics
Network Based Attacks
Implementation-Based Vulnerabilities
Gotofail - The Code
Design-Based Vulnerabilities (Generic)
IOS Security Model
Configuration Profiles
Demo: Participation Instructions
Malicious Profiles
Design-Based Vulnerabilities (Mobile)
App Level Security & Privacy
App Level Vulnerabilities
Certificate Pinning
HRH - Attack Flow
Google's Focus on Malware
The Maliciously Vulnerable App
Summary
Taught by
OWASP Foundation
Related Courses
MongoDB for .NET DevelopersMongoDB University Web Application Development – Capstone Course
University of New Mexico via Coursera Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent Reliable Cloud Infrastructure: Design and Process auf Deutsch
Google Cloud via Coursera Securing and Integrating Components of your Application 日本語版
Google Cloud via Coursera