Watch a DEFCON 32 conference talk exploring a groundbreaking zero-day vulnerability in Chrome and other browsers that enables attackers to exploit localhost APIs. Learn about novel browser-based attack techniques targeting developers and employees behind firewalls through a live demonstration and attack simulation. Discover how this security flaw exposes ports on the localhost network interface, potentially leading to remote network attacks. Follow along with a real-world example showing remote code execution on a popular open-source data engineering platform that operates on localhost, serving millions of users. Gain deep technical insights into this newly discovered vulnerability and its implications for organizational security through this first-ever comprehensive analysis.
Overview
Syllabus
DEF COPN 32 - 0 0 0 0 Day Exploiting Localhost APIs From The Browser - Avi Lumel skyGal Elbaz
Taught by
DEFCONConference