Jordan Lanham
President, Cyber Saguaros (University of Arizona)
Tucson, Arizona, United States
Actions
Jordan Lanham is a cybersecurity researcher, CTF competitor, and President of the Cyber Saguaros student club at the University of Arizona. His work focuses on offensive security, reverse engineering, and hardware exploitation. Jordan has led student SOC initiatives, built custom security tools, and presented cutting-edge research blending hardware, malware, and mythos. He is passionate about teaching security concepts through creative proof-of-concepts that challenge assumptions about trust and technology.
Area of Expertise
Topics
YubiWorm: Turning a Trusted YubiKey into a Propagating Worm
Hardware security tokens like YubiKeys are trusted worldwide as a gold standard for authentication. But what happens when trust becomes an attack vector? This talk introduces YubiWorm, a proof-of-concept experiment that transforms a seemingly secure YubiKey into a propagating worm capable of spreading across systems via HID injection and OTP/static password abuse.
We’ll walk through the design, payload delivery mechanism, and propagation strategy, showing how a simple reprogramming of a YubiKey can weaponize it into a stealthy USB-borne worm. Attendees will learn:
• How security tokens interact at the OS level.
• The dual-use potential of HID/OTP features for persistence and propagation.
• Why hardware trust boundaries are fragile without layered defenses.
CactusCon 14 Sessionize Event
Jordan Lanham
President, Cyber Saguaros (University of Arizona)
Tucson, Arizona, United States
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top