Sometimes trust comes with an expiration date: domains, CDNs, hosts, and other digital resources are all ephemeral. With DNS, dynamic instances, Web links, whitelists, and other extensions of trust pointing to so many third parties – do you really know who is in control? This talk explores the security issues that arise when digital assets expire and presents novel attacks using expired digital assets. Real-world examples from Fortune 1000 companies will be included to demonstrate the very real – and serious – impact.
The following aspects will be discussed during this presentation:
• Careless asset monitoring can lead to security issues
• Always know who you are trusting
• Constantly evaluate and monitor who you are trusting
• Anyone can be vulnerable to these attacks; there is a lot at stake
• This is a new vulnerability level never previously explored
Security Associate Joe DeMesy and Matthew Bryant are slated to speak at InfoSec World – Domains Aren’t Forever: Trust Has an Expiration Date