Hacking with style: a look at CSS based attacks
Benedek Gagyi is a developer, teacher, sports-fanatic. As a developer, he’s working on making password management more secure at LastPass. In his free time, he’s researching the patterns and algorithms connecting basketball, tea and drums. His devotion to impeccable and secure user experience is rivalled only by his constant search for the perfect brew of Chinese pu’er.
While XSS attacks are quite known, this special flavor usually flies under the radar. We tend to overlook the ways malicious CSS can be injected since we don’t realize how much damage a few lines can cause. The goal of this talk is to raise awareness so no product falls victim to CSS based security attacks. This will be achieved through showing all the possible attack vectors and how to defend against them.