In April 2021, Thijs Alkemade and Daan Keuper demonstrated a zero-day attack against the video-conferencing application Zoom at the Pwn2Own hacking competition. This attack allowed them to take over a remote computer through Zoom, without any action by the victim. This resulted in a $200,000 prize. Afterwards, they shared the full details of these vulnerabilities with Zoom to give them the opportunity to fix them. During this talk, Thijs will describe the vulnerabilities, how they found them and how they developed the exploit to actually take over a computer. Finally, Thijs will also share some thoughts about what zero-day vulnerabilities in popular software mean for companies and what steps companies can take to protect against unknown vulnerabilities.
Speaker: Thijs Alkemade
Thijs Alkemade works at the security research division of at Computest. This division is responsible for advanced security research on commonly used systems and environments. In recent research he demonstrated several attacks against the macOS and iOS operating systems. He has a background in both mathematics and computer science, which gives him a lot of experience with cryptography and programming language theory.
CPE Points
1 point
Thijs Alkemade works at the security research division of at Computest. This division is responsible for advanced security research on commonly used systems and environments. In recent research he demonstrated several attacks against the macOS and iOS operating systems. He has a background in both mathematics and computer science, which gives him a lot of experience with cryptography and programming language theory.
Bereikbaar tijdens kantoor uren Chicago, Illinois USA (bijv. voor lidmaatschapsvragen, wachtwoord resetten, e-mailadres aanpassingen, CPE, etc.)
We gebruiken functionele en analytische cookies om ervoor te zorgen dat de website optimaal presteert. Als u doorgaat met het gebruik van deze site, gaan we ervan uit dat u hiermee akkoord gaat. Meer informatie vindt u in onze Privacyverklaring.
