This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Join us at OWASP AppSec APAC 2014 !!
View analytic
Wednesday, March 19 • 5:00pm - 5:50pm
次の大きな攻撃の波に準備しろ!:CMSシステムへのハッキング / Get Ready for the Next Big Wave of Attacks: Hacking of Leading CMS Systems

Sign up or log in to save this to your schedule and see who's attending!



The flow of this talk is given by – you! Before this talk, we emailed the audience to provide us with their favorite WordPress plugins that they would like to test for security. In a live demo, we assess the security of the requested plugins. Previous similar trials that we performed on WordPress showed that 30% of the top 50 most downloaded plugins were vulnerable to common Web attacks. What will be the results of this experiment?

As we’ll continue to show, assessing the security posture of a plugin is only the hacker’s first step in mass attacks. As opposed to past mass SQL Injection attacks which leveraged tools such as SQLMap, these next wave of attacks do not focus on the site’s platform or customized development code. Rather, these attacks leverage on the increasing popularity of CMS platforms such as WordPress and Joomla. The maturity, prevalence and market penetration of CMS platforms allow any marketing, sales or HR individual to easily set up their own fully-operational site. Accordingly, CMS apps are flourishing – and so are the vulnerabilities in these apps.

avatar for Sanjay Agnani

Sanjay Agnani

General Manager, New Business Development Dept., Intelligent Wave Inc
アグナニ サンジェ/Sanjay Agnani, | General Manager, New Business Development Department, | Intelligent Wave Inc., Japan (A DNP Group Company) | | Sanjay Agnani is General Manager of New Business Development for Intelligent | Wave Inc., Japan. Sanjay has more than nineteen years of experience in | software development, information security, malware analysis and source-code | analysis. In his present role, he is responsible for... Read More →
avatar for Helen Bravo

Helen Bravo

Product Manager, Checkmarx
Helen Bravo is the Product Manager at Checkmarx. Helen has more than fifteen years of experience in software development, IT security and source-code analysis. | Prior to working at Checkmarx, Helen has worked in Comverse one of the biggest Israeli Hi-tech firms as a software engineer and product manager for security matters. Helen holds a B.A. in Economics and Business Administration from the Israeli University of Haifa and started her... Read More →

Wednesday March 19, 2014 5:00pm - 5:50pm
Secure Your Site Hall(HALL WEST)

Attendees (2)