Security BSides Las Vegas 2025

Or Eshed

Or Eshed is co-founder and CEO of LayerX Security. Or has over 15 years of cybersecurity experience as an ML developer, security and intelligence researcher, and cybersecurity analyst. Prior to founding LayerX, Or worked as a cyber threat intelligence analyst at Check Point, Otorio, and ABN AMRO Bank. His work has led to the arrest of at least 15 threat actors and the exposure of the largest browser hijacking operation in history with over 50M browsers compromised. He has also written and spoken on topics of cybersecurity extensively. In addition, Or holds an MSc in Applied Economics from the Hebrew University of Jerusalem.


Sessions

08-04
14:00
45min
Extending Password (in)Security to the Browser: How Malicious Browser Extensions Are Used to Steal User Passwords
Or Eshed

Malicious browser extensions are an emerging attack vector to steal user identity information and passwords. This session will provide a detailed breakdown of how browser extensions can be used for theft of credential data, and a technical analysis of what permissions and methods compromised extensions invoke to steal passwords and other authentication details.

As part of this session, we will walk through the emergence of browser extensions as a threat vector, discuss how they become compromised, and then explore in detail the types of password and credential data that can be stolen, and how they do it. We will describe specific permissions and techniques used by extensions to steal password information, and show live examples. Finally, we will discuss best practices and methods on how individuals and organizations should protect themselves against such tactics.

PasswordsCon
Tuscany
08-05
18:00
45min
Cracking Hidden Identities: Understanding the Threat Surface of Hidden Identities and Protecting them Against Password Exposure
Or Eshed

If a user account falls down in a forest, and it isn’t managed by the organization’s identity security policy, is its password still secure?
While there is ample discussion and research on organizational security policies and password governance of corporate accounts, the emergence of the ‘SaaS economy’ has led to a rise in non-corporate and non-SSO identities that are not covered by corporate IdPs.
These identities are often hidden from organizational security systems, and fall outside of the purview of organizational password policies and identity security posture. As a consequence, they are left exposed to attack and easy exploitation, even though they are often used for work activity and handle sensitive corporate information.
This talk will dive into the world of ‘hidden’ identities of non-corporate and non-SSO identities and analyze the implications with regard to password security and exploitation. We’ll define these identities, quantify them, and dive into specific risks such as password strength, password re-use, and password sharing, and offer methods and best practices on how to secure them.

PasswordsCon
Tuscany