Chuck Willis

Mandiant Corp
Alexandria, Virginia

1-10 of 23 online sources for Chuck Willis

  • www.technologyreview.com/Infotech/20487/
    Published on: 3/31/2008    Last Visited: 3/31/2008  

    Chuck Willis, principal security consultant for Mandiant, an information security firm, says that many developers would like to see some of the controls, such as the same-origin policy, relaxed. The average user needs things to stay the way they are, he says, since most users don't understand the consequences of giving access to third-party tools.

  • www.merit.net/mail.archives/netsec/msg02520.html
    Published on: 1/28/2008    Last Visited: 2/25/2008  

    says Chuck Willis, principal consultant with Mandiant, who will give a presentation on this topic at Black Hat D.C. next month.
    ...
    there," Willis says.
    ...
    Willis says CSRF flaws are even more widespread in Web applications than the better-known cross-site scripting bug, but so far have not been widely exploited. "It's [CSRF] really a feature of the HTTP protocol in some ways," Willis says. "So unless you're actively doing things to prevent it, you're going to end up with it" in your applications, he
    ...
    Willis says his Black Hat talk is more about making sure organizations

  • www.gocsi.com/blog/archives/2008/01/all_the_cool_ki.htm
    Published on: 1/1/2008    Last Visited: 3/6/2008  

    I spoke to Chuck Willis of Mandiant yesterday--the fellow who will be speaking at BlackHat D.C. about how cross-site request forgery attacks can be used to either cause state changes on the server or to frame innocent users by causing their browsers to conduct suspicious or malicious activities without the user's knowledge or approval.

    Quick review: I'm hanging out on a Web site which is either entirely malicious or contains a naughty link or script that references information on another site. My browser will attempt to load the information from this second site. If it happens to be a site that I use and have already logged in to, and if the site happens to store my authentication info in a cookie, the site will respond to the query with my session cookie, thereby giving the attacker the ability to conduct business on that second site just as if he were me.

  • www.gocsi.com/blog/archives/2008/01/csrf_attacks_ca.htm
    Published on: 1/1/2008    Last Visited: 3/6/2008  

    For her story Higgins interviewed Chuck Willis, principal consultant with Mandiant, who will present at Black Hat D.C. next month on this topic. (Both DarkReading and Black Hat are CSI's sister companies.)

    We've spoken about the insidious cross-site request forgery attack before. Here. And page 2 here.

    I call CSRF insidious because it's nigh undetectable by current Web vulnerability scanners. Reason being, the malicious action looks just like a legitimate request made by an authenticated user. The attack works by sneaking around the Same Origin Policy, which prohibits documents or script with one origin from loading content located on a Web server at a different origin--the same origin policy is also at the root of cross-site scripting attacks.

    In an upcoming issue of the Alert I'll have more about how CSRF works and how it can accomplish the things Willis describes.

  • www.computer-security-institute.com/blog/archives/2008/
    Published on: 1/1/2008    Last Visited: 2/23/2008  

    I spoke to Chuck Willis of Mandiant yesterday--the fellow who will be speaking at BlackHat D.C. about how cross-site request forgery attacks can be used to either cause state changes on the server or to frame innocent users by causing their browsers to conduct suspicious or malicious activities without the user's knowledge or approval.

    Quick review: I'm hanging out on a Web site which is either entirely malicious or contains a naughty link or script that references information on another site. My browser will attempt to load the information from this second site. If it happens to be a site that I use and have already logged in to, and if the site happens to store my authentication info in a cookie, the site will respond to the query with my session cookie, thereby giving the attacker the ability to conduct business on that second site just as if he were me.
    ...
    For her story Higgins interviewed Chuck Willis, principal consultant with Mandiant, who will present at Black Hat D.C. next month on this topic. (Both DarkReading and Black Hat are CSI's sister companies.)

    We've spoken about the insidious cross-site request forgery attack before. Here. And page 2 here.

    I call CSRF insidious because it's nigh undetectable by current Web vulnerability scanners. Reason being, the malicious action looks just like a legitimate request made by an authenticated user. The attack works by sneaking around the Same Origin Policy, which prohibits documents or script with one origin from loading content located on a Web server at a different origin--the same origin policy is also at the root of cross-site scripting attacks.

    In an upcoming issue of the Alert I'll have more about how CSRF works and how it can accomplish the things Willis describes.

  • intrepidusgroup.com/belani_hacker_japan.htm
    Last Visited: 8/28/2008  

    Rohyt was interviewed by Hacker Japan after his BlackHat DC 2007 presentation co-presented with Mandiant's Chuck Willis (left).

  • 021308
    Published on: 2/13/2008    Last Visited: 9/8/2008  

    MANDIANT's Chuck Willis to Present at Black Hat DC 2008

    Security Expert to Discuss Cross Site Request Forgery Defense

    MANDIANT, an elite provider of incident response management services and solutions, announced today that its Principal Consultant, Chuck Willis, will deliver a presentation on intrusion investigations at this year's Black Hat DC 2008 Briefing and Training held on February 18-21 in Washington, DC.

    Willis' presentation, "Preparing for the Cross Site Request Forgery Defense," will be held on February 20th at 10:00 am and will discuss how cross site request forgery can be utilized to manipulate a user's history and force the user to submit data to online web applications. Willis will also present methods to detect or rule out the use of this vulnerability during an analysis.

    Chuck Willis concentrates his work in web application security as well as research and development. He has conducted computer forensics and network intrusion investigations as a U.S. Army Counterintelligence Special Agent. He has earned a Masters in Computer Science and holds both the CISSP and CFCE designations.

  • Black Hat 2003 Multimedia Archives - Presentation,...
    Published on: 1/1/2003    Last Visited: 11/9/2008  

    Chuck Willis Forensics With Linux 101
    ...
    PDF: Chuck Willis, Forensics With Linux 101
    ...
    PDF: Chuck Willis, Forensics With Linux 101 Tools + Xtras

  • Black Hat 2003 Multimedia Archives - Presentation,...
    Published on: 1/1/2003    Last Visited: 12/3/2007  

    Chuck Willis Forensics With Linux 101
    ...
    PDF: Chuck Willis, Forensics With Linux 101
    ...
    PDF: Chuck Willis, Forensics With Linux 101 Tools + Xtras

  • Black Hat : Black Hat Speakers Page
    Published on: 1/1/1997    Last Visited: 9/28/2008  

    Chuck Willis
    ...
    Chuck Willis, Principal Consultant, MANDIANT
    ...
    Chuck Willis is a Principal Consultant with MANDIANT (http://www.mandiant.com/), a full spectrum information security company in Alexandria, Virginia, where he concentrates in web application security, research, and development. Prior to joining MANDIANT, Chuck performed security software engineering, penetration testing, and vulnerability assessments at a large government contractor and also conducted computer forensics and network intrusion investigations as a U.S. Army Counterintelligence Special Agent. Chuck holds a Master of Science in Computer Science from the University of Illinois at Urbana-Champaign and has previously spoken at the Black Hat Briefings, the OWASP AppSec Conference, the IT Underground security conference in Europe, DefCon, and ShmooCon. Chuck has contributed to several open source security software projects and is a member of the Open Web Application Security Project, a Certified Information Systems Security Professional, and a Certified Forensic Computer Examiner.


Copyright © 2008 Zoom Information Inc. All rights reserved.
