http://secdocs.lonerunners.net Latest security documents RSS feed for author Billy Rios en-us <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/66-nathan-mcfeters">Nathan McFeters</a> <a href="http://secdocs.lonerunners.net/authors/details/899-rob-carter">Rob Carter</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/113-uri">URI</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/99-black-hat-eu-2008">Black Hat EU 2008</a> <br/> Fri, 27 Jan 2012 22:43:36 +0100 http://secdocs.lonerunners.net/documents/details/4825-uri-use-and-abuse http://secdocs.lonerunners.net/documents/details/4825-uri-use-and-abuse <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/66-nathan-mcfeters">Nathan McFeters</a> <a href="http://secdocs.lonerunners.net/authors/details/899-rob-carter">Rob Carter</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/113-uri">URI</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/99-black-hat-eu-2008">Black Hat EU 2008</a> <br/> Fri, 27 Jan 2012 22:43:19 +0100 http://secdocs.lonerunners.net/documents/details/4824-uri-use-and-abuse http://secdocs.lonerunners.net/documents/details/4824-uri-use-and-abuse <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/1241-raghav-dube">Raghav Dube</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/13-web-application">web application</a> <a href="http://secdocs.lonerunners.net/tags/details/162-xss">XSS</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/69-black-hat-eu-2007">Black Hat EU 2007</a> <br/> Tue, 19 Jul 2011 20:10:07 +0200 http://secdocs.lonerunners.net/documents/details/3879-kicking-down-the-cross-domain-door-one-xss-at-a-time http://secdocs.lonerunners.net/documents/details/3879-kicking-down-the-cross-domain-door-one-xss-at-a-time <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/1241-raghav-dube">Raghav Dube</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/13-web-application">web application</a> <a href="http://secdocs.lonerunners.net/tags/details/162-xss">XSS</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/69-black-hat-eu-2007">Black Hat EU 2007</a> <br/> Tue, 19 Jul 2011 20:09:26 +0200 http://secdocs.lonerunners.net/documents/details/3878-kicking-down-the-cross-domain-door-one-xss-at-a-time http://secdocs.lonerunners.net/documents/details/3878-kicking-down-the-cross-domain-door-one-xss-at-a-time <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/83-exploiting">exploiting</a> <a href="http://secdocs.lonerunners.net/tags/details/222-client-side">client side</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/63-ruxcon-2010">Ruxcon 2010</a> <br/><b>Abstract</b>: Today’s information systems are giant mesh of complexity. Typical consumer systems have large numbers of software created by different software manufactures installed on their machines. This mesh of software creates an ecosystem, where software is intertwined and in some cases dependant on each other. When one piece of the ecosystem gets out of line, it can have a dramatic effect on the ecosystem as a whole. A small vulnerability or even an ‘annoying’ behaviour from one piece of software can alter the behaviour of a 2nd piece of software, a behavior which a 3rd piece of software is depending on for a security decision. Enter the world of blended vulnerabilities and attacks. This talk will discuss the details of various ‘blended’ attacks and demonstrates the chaining of seeming low risk vulnerabilities and unusual design decisions from popular software together to create a higher risk exploit. Fri, 24 Dec 2010 05:25:19 +0100 http://secdocs.lonerunners.net/documents/details/3262-will-it-blend http://secdocs.lonerunners.net/documents/details/3262-will-it-blend <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/873-chris-evans">Chris Evans</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/152-browser">browser</a> <a href="http://secdocs.lonerunners.net/tags/details/162-xss">XSS</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/45-hack-in-the-box-2009-dubai">Hack In The Box 2009 Dubai</a> <br/> Fri, 24 Sep 2010 08:52:00 +0200 http://secdocs.lonerunners.net/documents/details/2904-cross-domain-leakiness http://secdocs.lonerunners.net/documents/details/2904-cross-domain-leakiness <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/55-nitesh-dhanjani">Nitesh Dhanjani</a> <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/46-malware">malware</a> <a href="http://secdocs.lonerunners.net/tags/details/100-phishing">phishing</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/42-black-hat-usa-2008">Black Hat USA 2008</a> <br/> Fri, 02 Jul 2010 06:04:46 +0200 http://secdocs.lonerunners.net/documents/details/2627-bad-sushi-beating-phishers-at-their-own-game http://secdocs.lonerunners.net/documents/details/2627-bad-sushi-beating-phishers-at-their-own-game <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/55-nitesh-dhanjani">Nitesh Dhanjani</a> <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/46-malware">malware</a> <a href="http://secdocs.lonerunners.net/tags/details/100-phishing">phishing</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/42-black-hat-usa-2008">Black Hat USA 2008</a> <br/> Fri, 02 Jul 2010 06:04:45 +0200 http://secdocs.lonerunners.net/documents/details/2623-bad-sushi-beating-phishers-at-their-own-game http://secdocs.lonerunners.net/documents/details/2623-bad-sushi-beating-phishers-at-their-own-game <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/55-nitesh-dhanjani">Nitesh Dhanjani</a> <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/46-malware">malware</a> <a href="http://secdocs.lonerunners.net/tags/details/100-phishing">phishing</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/42-black-hat-usa-2008">Black Hat USA 2008</a> <br/> Fri, 02 Jul 2010 06:04:43 +0200 http://secdocs.lonerunners.net/documents/details/2622-bad-sushi-beating-phishers-at-their-own-game http://secdocs.lonerunners.net/documents/details/2622-bad-sushi-beating-phishers-at-their-own-game <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/66-nathan-mcfeters">Nathan McFeters</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/13-web-application">web application</a> <a href="http://secdocs.lonerunners.net/tags/details/152-browser">browser</a> <a href="http://secdocs.lonerunners.net/tags/details/253-csrf">CSRF</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/27-defcon-15">DEFCON 15</a> <br/> Wed, 16 Dec 2009 06:11:09 +0100 http://secdocs.lonerunners.net/documents/details/1711-biting-the-hand-that-feeds-you---storing-and-serving-malicous-content-from-well-known-web-servers http://secdocs.lonerunners.net/documents/details/1711-biting-the-hand-that-feeds-you---storing-and-serving-malicous-content-from-well-known-web-servers <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/66-nathan-mcfeters">Nathan McFeters</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/13-web-application">web application</a> <a href="http://secdocs.lonerunners.net/tags/details/152-browser">browser</a> <a href="http://secdocs.lonerunners.net/tags/details/253-csrf">CSRF</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/27-defcon-15">DEFCON 15</a> <br/> Fri, 24 Jul 2009 15:03:00 +0200 http://secdocs.lonerunners.net/documents/details/1169-biting-the-hand-that-feeds-you---storing-and-serving-malicous-content-from-well-known-web-servers http://secdocs.lonerunners.net/documents/details/1169-biting-the-hand-that-feeds-you---storing-and-serving-malicous-content-from-well-known-web-servers <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/66-nathan-mcfeters">Nathan McFeters</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/13-web-application">web application</a> <a href="http://secdocs.lonerunners.net/tags/details/152-browser">browser</a> <a href="http://secdocs.lonerunners.net/tags/details/253-csrf">CSRF</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/27-defcon-15">DEFCON 15</a> <br/> Fri, 24 Jul 2009 15:00:00 +0200 http://secdocs.lonerunners.net/documents/details/1168-biting-the-hand-that-feeds-you---storing-and-serving-malicous-content-from-well-known-web-servers http://secdocs.lonerunners.net/documents/details/1168-biting-the-hand-that-feeds-you---storing-and-serving-malicous-content-from-well-known-web-servers <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <a href="http://secdocs.lonerunners.net/authors/details/66-nathan-mcfeters">Nathan McFeters</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/13-web-application">web application</a> <a href="http://secdocs.lonerunners.net/tags/details/152-browser">browser</a> <a href="http://secdocs.lonerunners.net/tags/details/253-csrf">CSRF</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/27-defcon-15">DEFCON 15</a> <br/> Fri, 24 Jul 2009 14:41:00 +0200 http://secdocs.lonerunners.net/documents/details/1167-biting-the-hand-that-feeds-you---storing-and-serving-malicous-content-from-well-known-web-servers http://secdocs.lonerunners.net/documents/details/1167-biting-the-hand-that-feeds-you---storing-and-serving-malicous-content-from-well-known-web-servers <b>Authors</b>: <a href="http://secdocs.lonerunners.net/authors/details/55-nitesh-dhanjani">Nitesh Dhanjani</a> <a href="http://secdocs.lonerunners.net/authors/details/56-billy-rios">Billy Rios</a> <br/><b>Tags</b>: <a href="http://secdocs.lonerunners.net/tags/details/100-phishing">phishing</a> <br/><b>Event</b>: <a href="http://secdocs.lonerunners.net/events/details/5-black-hat-dc-2008">Black Hat DC 2008</a> <br/> Sat, 01 Mar 2008 13:07:00 +0100 http://secdocs.lonerunners.net/documents/details/128-bad-sushi---beating-phishers-at-their-own-game http://secdocs.lonerunners.net/documents/details/128-bad-sushi---beating-phishers-at-their-own-game