Saturday, 20 August 2016

Security BSides Manchester 2016

Thank you all for coming to my talk at Security BSides Manchester 2016. The conference took place on Thursday 18th August 2016, at Manchester Metropolitan University Business School, in the heart of Manchester.
The title of my talk was: 
Accessing the personal details of most of the InfoSec professionals & the Responsible Disclosure process.

The talk was not recorded due to the sensitive nature of the content and not much information was given in the abstract. 

However, this was as an exciting talk as it sounds and yes, it is true, that it was possible to get access to a number of people’s personal details (phone numbers and home addresses) especially those who are InfoSec professionals. 

The talk is mostly a collection of war stories I experienced over the years, regarding responsible disclosure. I followed the ethical hacker’s route, and disclosed several issues responsibly, and coordinated with the affected third-parties. However, things are not seen as they should and this talk will take your through the numerous "facepalm" moments I had up to now in my carrer when disclosing a particular vulnerability. 

Effectively, I invited people to join me in a rather entertaining talk with some scary bits on what could have happened if someone else have found these vulnerabilities. Not only because it contained personal details but it might had your own personal information in it! 

No comments:

Post a Comment