Radu-Emanuel Chiscariu

Security Research Engineer at Ixia, a Keysight business

Radu Emanuel Chiscariu is a Security Researcher within Ixia’s Application and Threat Intelligence Research Center. Radu holds a MSc in Computer and Network Security from Politehnica University of Bucharest. With a background in network engineering, Radu specializes in the investigation of the current threats and the analysis of the latest vulnerabilities seen in the wild. He spends most of his time trying to reproduce attack techniques in a safe environment and come up with new vectors of bypassing current protection mechanisms.

Drupalgeddon 2 – Yet Another Weapon for the Attacker

With over 1,000,000 websites on the Web, Drupal is one of the most popular Content Management Systems out there. This makes Drupal a juicy target for malicious actors.

A recently discovered vulnerability in the Drupal Core Project effectively allows an attacker to gain remote code execution on the target server.

How can this vulnerability be exploited? How can an attacker make use of such a tool?  These are some questions that this talk will attempt to answer to.

Finally, we will illustrate the activity in the wild for this cyber-threat, as reported by our honeypot network.

Presentation @DefCamp 2018