
SquareX to Expose Browser and Passkey Vulnerabilities at Black Hat and DEF CON

At DEF CON 33, Shourya Pratap Singh, Jonathan Lin, and Daniel Seetoh will present their research in a session titled “Passkeys Pwned: Turning WebAuthn Against Itself.” This discussion will focus on a new technique designed to undermine passkey authentication, which has gained traction among major technology providers like Apple, Google, and Microsoft as a more secure alternative to traditional passwords. Despite this perception, SquareX’s research indicates that vulnerabilities persist.

Vivek Ramachandran emphasised the importance of understanding the attacker mindset to defend against emerging threat vectors. He stated that this year’s research reveals critical gaps that traditional security solutions cannot address, covering everything from passkey vulnerabilities to browser extension risks.

Additionally, Nishant Sharma and Shourya Pratap Singh will introduce ExtHuntr, an open-source tool designed to scan installed browser extensions, analyse their permissions and behaviour, and generate risk scores, thereby enhancing security teams’ visibility into potential risks posed by browser extensions.
