Dan Cater, Lead Security Consultant at Context, will be presenting his talk 'Hacking an ISP's home router from the web' in Stream 1 at the CRESTcon & IISP Congress 2018 taking place on 3rd May at Royal College of Physicians in London. The session will run from 13:50 -14:15.
Dan's talk demonstrates how a remote attacker can compromise this ISP-provided router using web-based methods only - no screwdrivers or soldering irons required. Multiple vulnerabilities are chained together to compromise the router, leading to subsequent attacks such as being able to connect to the customer’s Wi-Fi, hijack their DNS results, or read their sensitive files from an attached USB memory stick.
CRESTCon and IISP Congress is a unique event that brings together leading technical and business information security professionals. Delegates at the event include senior security, risk compliance managers from a wide range of public and private sector organisations, along with security consultants and business directors working in the technical information assurance and response industry.
CREST is a not-for-profit accreditation body that represents the technical information security. It provides internationally recognised certifications for organisations and individuals providing penetration testing, cyber incident response and security architecture services.
The IISP is a not-for-profit body with the principle objective to advance the professionalism of the Information Security Industry.