Explore the vulnerabilities in biometric access control systems during this 48-minute conference talk from the Hack In The Box Security Conference. Delve into the weaknesses of edge computing models and examine technical details of identified vulnerabilities in access control devices. Learn about server command forgery, user arbitrary addition, privilege escalation, man-in-the-middle attacks, and face database exposure. Watch demonstrations on how to leak employee pictures, add unauthorized personnel as administrators, and impersonate back-end servers to open doors and deceive audits. Gain insights from senior threat researchers at Trend Micro as they discuss their findings and implications for security in edge computing environments.
Overview
Syllabus
#HITBLockdown002 D2T2 - Walk Through Access Control Systems - Philippe Lin, Roel Reyes & Trend Micro
Taught by
Hack In The Box Security Conference
Related Courses
-
Exploiting Directory Permissions on macOS
-
SAP RCE - The Agent Who Spoke Too Much
-
Knock Knock. Who's There? Betta! Betta Who? Betta Check Your Access Control Edge Devices
-
Deep Analysis of Exploitable Linux Kernel Vulnerabilities 2017-2019
-
The Insecurity of Cloudless Smart Door Systems
-
All Your Door Belong To Me - Attacking Physical Access Systems
