Explore the security vulnerabilities of fingerprint scanners and access control devices in this 58-minute conference talk from the Hack In The Box Security Conference. Delve into the unique challenges these IoT devices face, including their location outside security perimeters, legacy software issues, and compatibility with insecure protocols. Discover physical-to-virtual attack vectors, methods for achieving network persistence, and the implications of outdated software on device security. Learn about firmware exploitation techniques and the potential for compromised devices to provide access to internal networks. Examine the widespread nature of these vulnerabilities across various device families and gain insights into the current opportunistic attack surface based on Shodan scans. Benefit from the expertise of Kevin Reed, a seasoned CISO with 20 years of experience in information security, as he shares his knowledge on combating new-generation cyber threats and improving network reliability and performance.
Physical to Cyber and Back - Fingerprint Scanner Security
Hack In The Box Security Conference via YouTube
Overview
Syllabus
Intro
Kevins background
Traditional office network
Traditional unix hashing
SSH daemons
Physical to Virtual
Encryption
Quiz
root shell
whats missing
build times
QA with Kevin
Biometrics
Question
Taught by
Hack In The Box Security Conference