A PRACTICAL ATTACK AGAINST VIRTUAL DESKTOPS

image

Black Hat HACK Showcase 2014
http://www.csoonline.com/article/2449321/security/10-disturbing-attacks-at-black-hat-usa-2014.html

Virtual desktop infrastructure is often touted as a way to make BYOD programs safer by centralizing applications and data and providing end users with only presentations of them. But Daniel Brodie and Michael Shaulov of Lacoon Mobile Security will demonstrate a proof-of-concept attack against VDI that they say is not only feasible but also efficient. It involves screen scraping to steal data while remaining undetectable. As they describe it: “While keeping the espionage activity invisible both from client-side and server-side malware detection measures, the attacker can automate the process and ultimately render the VDI solution ineffective.”

image

Advertisements