
Eilon Cohen
Security Analyst @ Checkmarx Research
Tel Aviv, Israel
That kid who took apart all his toys to see how they worked.
Currently breaking (and fixing) things in the Research group at Checkmarx. Education spans from Mechanical Engineering and Robotics to Computer Science, but a self-made security professional. Ex-IBM security engineer who secured multiple complex cloud and IT environments, now researching and analyzing security vulnerabilities in the wild.
Area of Expertise
When Regulation Backfires: How a Vulnerable Plugin Led to an XSS Pandemic
What began as a simple WAF bypass challenge on a single website turned into the discovery of a vulnerability affecting thousands of organizations. Join us on the journey of how an accessibility plugin, mandated by regulation, became the perfect vehicle for a widespread XSS vulnerability. We’ll explore the real-world impact of compromised sensitive systems, from government and military to healthcare and finance, showing how a single regulatory requirement led to an ecosystem-wide security breach.
We’ll also analyze the plugin’s source code to understand how and why this XSS vulnerability occurs, along with a behavior analysis that suggests the plugin may also be tracking users without consent, indicating potential malicious intent. Additionally, we’ll share the methodology and tools used to uncover and validate these vulnerabilities at scale.
