Explore the security vulnerabilities of fingerprint scanners and access control devices in this 58-minute conference talk from the Hack In The Box Security Conference. Delve into the unique challenges these IoT devices face, including their location outside security perimeters, legacy software issues, and compatibility with insecure protocols. Discover physical-to-virtual attack vectors, methods for achieving network persistence, and the implications of outdated software on device security. Learn about firmware exploitation techniques and the potential for compromised devices to provide access to internal networks. Examine the widespread nature of these vulnerabilities across various device families and gain insights into the current opportunistic attack surface based on Shodan scans. Benefit from the expertise of Kevin Reed, a seasoned CISO with 20 years of experience in information security, as he shares his knowledge on combating new-generation cyber threats and improving network reliability and performance. Read more