Mobile Security Attacks - A Glimpse from the Trenches
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore emerging mobile security threats in this 48-minute conference talk from AppSecUSA 2014. Delve into real-world attacks on mobile devices, covering physical, network, and application-level vulnerabilities. Learn about iOS malicious profiles, HTTP Request Hijacking, and other covert techniques employed by hackers. Gain insights from industry experts Yair Amit and Adi Sharabani as they present examples, statistics, and demonstrations of mobile security risks. Topics covered include the iOS security model, configuration profiles, certificate pinning, and Google's focus on malware. Understand the holistic outlook on mobile security and discover implementation and design-based vulnerabilities affecting mobile devices worldwide.
Syllabus
Intro
A Holistic Outlook on Mobile Security
The Physical Layer
Real World Incident Statistics
Network Based Attacks
Implementation-Based Vulnerabilities
Gotofail - The Code
Design-Based Vulnerabilities (Generic)
IOS Security Model
Configuration Profiles
Demo: Participation Instructions
Malicious Profiles
Design-Based Vulnerabilities (Mobile)
App Level Security & Privacy
App Level Vulnerabilities
Certificate Pinning
HRH - Attack Flow
Google's Focus on Malware
The Maliciously Vulnerable App
Summary
Taught by
OWASP Foundation
Related Courses
Malicious Software and its Underground Economy: Two Sides to Every StoryUniversity of London International Programmes via Coursera Sicherheit im Internet
openHPI Cybersecurity Fundamentals
Rochester Institute of Technology via edX Network Security
Georgia Institute of Technology via Udacity Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent