Context will once again be sponsors and exhibiting at CYBERUK 2018, visit us at stand C307.
CYBERUK 2018 is the National Cyber Security Centre's (NCSC) flagship event on cyber security. Over three days, 1800+ people will attend events covering both strategy (CYBERUK Leadership) and delivery (CYBERUK In Practice) - giving up to date information and industry leading insights.
Dan Cater will be presenting his talk 'Hacking an ISP's home router from the web' on Day 1 of Cyber UK In Practice in Track 1 from 17:00 - 17:40 in the Exchange Auditorium. This talk demonstrates how a remote attacker can compromise this ISP-provided router using web-based methods only - no screwdrivers or soldering irons required. Multiple vulnerabilities are chained together to compromise the router, leading to subsequent attacks such as being able to connect to the customer’s Wi-Fi, hijack their DNS results, or read their sensitive files from an attached USB memory stick.
Dan is a Lead Security Consultant at Context and a CREST Certified Web Application Tester (CCT App).
Andrew Scott will also be preseting his talk 'Pentration Testing - Checking Controls Not Systems' from 12:25 - 13:00 on Day 2 of Cyber UK In Practice. Maturing penetration testing from a tick box or gateway inspection in a product life cycle to using it to inform strategic development of controls and their improvement plans. While each vulnerability identified in a Penetration test needs to be dealt with on its own merits, an astute information security leader can amalgamate data from a collection of tests to identify controls that are not as effective as they could be to focus improvement efforts on. Join Andrew to look at how.