AI, Data Science & Cloud Certificates from Google, IBM & Meta
UC San Diego Product Management Certificate — AI-Powered PM Training
Overview
Build a Learning Habit
Download Class Central's free printable study calendar
Download for Free
Explore a critical cybersecurity conference talk from DEF CON 31 that delves into a systemic vulnerability affecting digital signature validation implementations. Learn how attackers can exploit valid certificates in unintended ways, particularly focusing on how SSL and S/MIME certificates can be misused despite being designed for different purposes than code signing. Understand the fundamental differences between certificate types, their validation requirements, and how vulnerable implementations incorrectly validate files signed with incompatible certificates. Discover real-world implications of this security flaw across multiple formats, from theoretical foundations to practical applications, and gain insights into how threat actors can potentially sign untrusted code with minimal effort or cost.
Syllabus
DEF CON 31 - A SSLippery Slope - Unraveling Hidden Dangers of Certificate Misuse - Bill Demirkapi
Taught by
DEFCONConference