Empire Hacking NYC Meetup - Server-side Spreadsheet Injections in High Impact Attacks

Date & Time: June 12, 2018
Location: New York, NY
Speaker: Jake Miller

CSV injection and client-side Excel DDE attacks are well-known in the security community. This talk explores and demonstrates new ways spreadsheet formulas can be used to exploit servers and cloud platforms supported by spreadsheet technology. By injecting formulas into server-side services and without client interaction, we will demonstrate how we have stolen sensitive data, inserted backdoors, and obtained remote code execution during client engagements.

Security Associate Jake Miller will discuss these new types of Excel exploitation attacks in his Server-side Spreadsheet Injections: Leveraging Spreadsheet Formulas for High-Impact Attacks talk at the Empire Hacking NYC Meetup on Tuesday, June 12, 2018.

Topics:Speaking EngagementsTechnical Events


Need a Cybersecurity Expert to Speak at Your Event?

Please get in touch with our Speaker Bureau program manager, Virginie Jenck. Please email her at contact@bishopfox.com


Subscribe to Updates