OWASP Global AppSec

October 19 - 23, 2020

Speaking Session

Magecart 2020: The New Face of XSS

Presented by Ido Safruti, CTO at PerimeterX | Ameet Naik, Director of Product Marketing at PerimeterX

Digital skimming and Magecart attacks continue to be lucrative for cybercriminals and expensive for web application owners. Attacks have evolved from simple XSS to complex skimming toolkits, fake checkout pages and compromised iframe scripts. This session explores the anatomy of an attack that targets websites using the popular payment provider Braintree, a subsidiary of PayPal.

View the Session

Speaking Session

Pwning WhatsApp - The Dark Side of Web-based Messaging Apps

Presented by Gal Weizman, JavaScript Expert at PerimeterX

This talk will go step by step through the research, which led to finding one of the most critical security flaws found in WhatsApp in the past few years which allowed reading files from the victim’s OS filesystem. Attendees will learn the security issues that products such as WhatsApp have to cope with, and what messaging apps vendors should learn from these answers in order to ship safer products.

View the Session
© PerimeterX, Inc. All rights reserved.