BEGIN:VCALENDAR VERSION:2.0 PRODID:IEEE vTools.Events//EN CALSCALE:GREGORIAN BEGIN:VTIMEZONE TZID:America/Los_Angeles BEGIN:DAYLIGHT DTSTART:20210314T030000 TZOFFSETFROM:-0800 TZOFFSETTO:-0700 RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3 TZNAME:PDT END:DAYLIGHT BEGIN:STANDARD DTSTART:20211107T010000 TZOFFSETFROM:-0700 TZOFFSETTO:-0800 RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11 TZNAME:PST END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTAMP:20210930T163039Z UID:2269020D-0C01-4443-82B5-A7C187023DA7 DTSTART;TZID=America/Los_Angeles:20210603T183000 DTEND;TZID=America/Los_Angeles:20210603T193000 DESCRIPTION:Hear from a former hacker on how to stay secure in an era where mobile apps and APIs are most vulnerable\n\nIt is very hard\, if not impo ssible\, to secure something you don’t know exists. While security profe ssionals spend countless hours on complex yet interesting issues that *may * be exploitable in the future\, basic attacks are occurring every day wit h little to reviews. For example\, a “dated trend” by effective yet la zy hackers is to search for API unknown by security teams\, coined “Shad ow APIs”\, connect to these APIs\, and extract data. While SQL Injection used to be the hack of choice\, as a few simple SQL commands would either mean “pay dirt” or “move on to the next target”\, the same can be said for Shadow API….Find\, Connect\, Extract. This talk will discuss o ne of many methods that are used in the wild to target Shadow APIs and exp ort large volumes of data with a few clicks of a button - or lines of code in python :). Attendees will learn about a very basic yet non-so-obvious problem in securing data\, and how hackers are using creative methods to s teal large volumes of data.\n\nSpeaker(s): Himanshu Dwivedi\, Sophia Napp- Vega\n\nAgenda: \nHear from a former hacker on how to stay secure in an er a where mobile apps and APIs are most vulnerable\n\nAbout this event\n\nIt is very hard\, if not impossible\, to secure something you don’t know e xists. While security professionals spend countless hours on complex yet i nteresting issues that *may* be exploitable in the future\, basic attacks are occurring every day with little to reviews. For example\, a “dated t rend” by effective yet lazy hackers is to search for API unknown by secu rity teams\, coined “Shadow APIs”\, connect to these APIs\, and extrac t data. While SQL Injection used to be the hack of choice\, as a few simpl e SQL commands would either mean “pay dirt” or “move on to the next target”\, the same can be said for Shadow API….Find\, Connect\, Extrac t. This talk will discuss one of many methods that are used in the wild to target Shadow APIs and export large volumes of data with a few clicks of a button - or lines of code in python :). Attendees will learn about a ver y basic yet non-so-obvious problem in securing data\, and how hackers are using creative methods to steal large volumes of data.\n\nSanta Clara\, Ca lifornia\, United States\, Virtual: https://events.vtools.ieee.org/m/27371 9 LOCATION:Santa Clara\, California\, United States\, Virtual: https://events .vtools.ieee.org/m/273719 ORGANIZER:sbehere@ieee.org SEQUENCE:1 SUMMARY:How Low-Tech Hackers Hack Your APIs in 15 Min or Less URL;VALUE=URI:https://events.vtools.ieee.org/m/273719 X-ALT-DESC:Description: <br /><div class="g-group l-lg-mar-bot-6 l-md-mar-b ot-4 ">\n<div class="g-cell g-cell-10-12 g-cell-md-1-1">\n<div class="has -user-generated-content">\n<div class="text-body-medium" data-automation=" listing-event-description"><strong>Hear from a former hacker on how to sta y secure in an era where mobile apps and APIs are most vulnerable</strong> </div>\n</div>\n</div>\n</div>\n<div class="g-group l-mar-bot-6 l-sm-mar-b ot-4">\n<div class="structured-content g-cell g-cell-10-12 g-cell-md-1-1"> \n<div class="has-user-generated-content" data-automation="about-this-even t-sc">\n<div class="structured-content-rich-text structured-content__modul e l-align-left l-mar-vert-6 l-sm-mar-vert-4 text-body-medium">\n<p>It is v ery hard\, if not impossible\, to secure something you don&rsquo\;t know e xists. While security professionals spend countless hours on complex yet i nteresting issues that *may* be exploitable in the future\, basic attacks are occurring every day with little to reviews. For example\, a &ldquo\;da ted trend&rdquo\; by effective yet lazy hackers is to search for API unkno wn by security teams\, coined &ldquo\;Shadow APIs&rdquo\;\, connect to the se APIs\, and extract data. While SQL Injection used to be the hack of cho ice\, as a few simple SQL commands would either mean &ldquo\;pay dirt&rdqu o\; or &ldquo\;move on to the next target&rdquo\;\, the same can be said f or Shadow API&hellip\;.Find\, Connect\, Extract. This talk will discuss on e of many methods that are used in the wild to target Shadow APIs and expo rt large volumes of data with a few clicks of a button - or lines of code in python :). Attendees will learn about a very basic yet non-so-obvious p roblem in securing data\, and how hackers are using creative methods to st eal large volumes of data.</p>\n</div>\n</div>\n</div>\n</div><br /><br /> Agenda: <br /><div class="g-group l-lg-mar-bot-6 l-md-mar-bot-4 ">\n<div class="g-cell g-cell-10-12 g-cell-md-1-1">\n<div class="has-user-generated -content">\n<div class="text-body-medium" data-automation="listing-event-d escription"><strong>Hear from a former hacker on how to stay secure in an era where mobile apps and APIs are most vulnerable</strong></div>\n</div>\ n</div>\n</div>\n<div class="g-group l-mar-bot-6 l-sm-mar-bot-4">\n<div cl ass="structured-content g-cell g-cell-10-12 g-cell-md-1-1">\n<h2 class="te xt-body-large hide-small">About this event</h2>\n<div class="has-user-gene rated-content" data-automation="about-this-event-sc">\n<div class="structu red-content-rich-text structured-content__module l-align-left l-mar-vert-6 l-sm-mar-vert-4 text-body-medium">\n<p>It is very hard\, if not impossibl e\, to secure something you don&rsquo\;t know exists. While security profe ssionals spend countless hours on complex yet interesting issues that *may * be exploitable in the future\, basic attacks are occurring every day wit h little to reviews. For example\, a &ldquo\;dated trend&rdquo\; by effect ive yet lazy hackers is to search for API unknown by security teams\, coin ed &ldquo\;Shadow APIs&rdquo\;\, connect to these APIs\, and extract data. While SQL Injection used to be the hack of choice\, as a few simple SQL c ommands would either mean &ldquo\;pay dirt&rdquo\; or &ldquo\;move on to t he next target&rdquo\;\, the same can be said for Shadow API&hellip\;.Find \, Connect\, Extract. This talk will discuss one of many methods that are used in the wild to target Shadow APIs and export large volumes of data wi th a few clicks of a button - or lines of code in python :). Attendees wil l learn about a very basic yet non-so-obvious problem in securing data\, a nd how hackers are using creative methods to steal large volumes of data.< /p>\n</div>\n</div>\n</div>\n</div> END:VEVENT END:VCALENDAR