Get 20% off all career paths from fullstack to AI
Power BI Fundamentals - Create visualizations and dashboards from scratch
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a Black Hat conference talk that unveils a client impersonation vulnerability discovered in Google's "first-party" applications. Delve into the speaker's journey of identifying this security flaw in early 2021, which allows attackers to masquerade as trusted applications to both users and Google itself. Learn about the implications of this vulnerability, including how it grants unauthorized privileges to malicious actors. Examine the broader context of enterprise security practices, including instances of ignored RFCs and mishandled sensitive information. Gain insights into the complexities of cloud provider security models and the potential consequences of overlooking critical security measures. This 48-minute presentation by Brian Smith-Sweeney offers a compelling narrative that serves as a wake-up call for security practitioners across various industries.
Syllabus
The Accidental Discovery of a New Vulnerability in Google's OAuth Implementation
Taught by
Black Hat