Seven Cyber Security Courses in Orlando - Oct. 28-Nov. 2. Save $200 thru 9/25.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

A BEAST and a POODLE celebrating SWEET32

  • Thursday, July 25th, 2019 at 10:30 AM EDT (14:30:00 UTC)
  • Bojan Zdrnja
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

In last couple of years we have witnessed many SSL/TLS vulnerabilities with various acronyms: POODLE, BEAST, BREACH, CRIME, DROWN, FREAK and SWEET32 - to name some. Almost every time, a snazzy logo and a lot of panic around the vulnerability made us believe that this is the end of secure communication on the Internet.

However, we are yet to see any real hacks that actually exploited one of the above mentioned vulnerabilities.

This presentation will explain how these vulnerabilities work and will comment on their viability for web, mobile and fat client applications.

We will try to identify the SSL/TLS vulnerabilities who cried wolf, so we can concentrate on those that pose a serious threat (if such exist, that is).

Speaker Bio

Bojan Zdrnja

Bojan worked for 5 years in the Faculty of Electrical Engineering at The University of Zagreb (Croatia) till 2002, when he moved to New Zealand. He was the team leader in several enterprise security projects for large customers, as well as a member of several Incident Response Teams in Croatian CERT. At the University of Auckland he architectured and implemented the entire enterprise e-mail system. In 2008 Bojan moved back to Croatia.

For years Bojan had a security column in a computer magazine in Croatia (Mreza). He wrote a book about computer viruses ("What are computer viruses", published in Croatia) and co-wrote a chapter in "AVIEN Malware Defense Guide for the Enterprise", a book released by Syngress in 2007.

He's probably most well known by his diaries for SANS Internet Storm Center in which he regularly analyzes new threats.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.