Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

A SSLippery Slope - Unraveling Hidden Dangers of Certificate Misuse

DEFCONConference via YouTube

Overview

Explore a critical cybersecurity conference talk from DEF CON 31 that delves into a systemic vulnerability affecting digital signature validation implementations. Learn how attackers can exploit valid certificates in unintended ways, particularly focusing on how SSL and S/MIME certificates can be misused despite being designed for different purposes than code signing. Understand the fundamental differences between certificate types, their validation requirements, and how vulnerable implementations incorrectly validate files signed with incompatible certificates. Discover real-world implications of this security flaw across multiple formats, from theoretical foundations to practical applications, and gain insights into how threat actors can potentially sign untrusted code with minimal effort or cost.

Syllabus

DEF CON 31 - A SSLippery Slope - Unraveling Hidden Dangers of Certificate Misuse - Bill Demirkapi

Taught by

DEFCONConference

Reviews

Start your review of A SSLippery Slope - Unraveling Hidden Dangers of Certificate Misuse

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.