In this talk, vulnerabilities that affect millions of traders will be shown in detail. Among them are unencrypted authentication, communications, passwords and trading data; remote DoS that leave the applications useless, weak password policies, hardcoded secrets, poor session management, etc.
02:33 What the New York Stock Exchange looks like now
04:05 The specifics of cyber attacks on stock exchanges
06:08 What is the Meta Trader platform for
Hi everyone, good morning. 00:00 Thank you for being here. 00:00 I'm super excited to be here. 00:04 This is my very first briefing. 00:06 I do on Black Hat. 00:08 Previously, I had a chance to present 2 tools on the Arsenal in 2000 and 00:10 , 12:15 but this is my first time here. 00:16 My name is Alexandro Hernandez. 00:18 I'm from Chapas, Mexico, which is in the SE of the country right over there. 00:20 And I have been doing consulting and research, 00:26 for you, active for almost 6 years now. 00:29
I come from our computer Sciences background. 00:32 I didn't study anything related to finance or economics. 00:35 I must self-doubt on these topics. 00:39 An later on. 00:41 I took a couple of courses in the Mexican Stock Exchange in Mexico City, 00:41 an with a few other brokers. 00:48 And in the end I decided to breach both topics. 00:50 I'm interested in right and I found interesting results. 00:53 I will share with you today. 00:57 Um. 00:59
This will be the agenda will be discussing today a quick introduction. 01:02 The core of the research of my analysis, 01:07 the boner abilities. 01:10 The responsible disclosure process regulators organizations. 01:10 Some other ideas. 01:16 I have in mind that either I or you could develop in the future after the talk and in the end recommendations and conclusions for training up 01:16 a quick disclaimer. 01:27
All the testing was performed using paper money, 01:27 which is demo accounts fake money right. 01:32 I I only tested applications for end users mobile websites and desktop applications and the web servers that communicate these applications. 01:36 I didn't test anything else, 01:45 the steel. 01:47 There are a lot of technologies behind this there. 01:47 A lot of protocols that are a lot of other devices for example, 01:51 phones with embedded software. 01:55
Buy this talk
Buy this video
With ConferenceCast.tv you get access to our library of the world's best conference talks.