Tunnel Vision: Exploring VPN Post-Exploitation Techniques
Unknown
Black Hat USA 2024 · Day 1 · Briefing
In a compelling presentation at Black Hat USA 2024, Olid, a security researcher at Akamai, challenged the conventional understanding of Virtual Private Network (VPN) security. Titled "Tunnel Vision: Exploring VPN Post-Exploitation Techniques," the talk delved into the often-overlooked phase of **VPN post-exploitation**, moving beyond the initial compromise of these critical network edge devices. Olid opened with a thought-provoking question: "Do you trust your VPN server?" He argued that organizations, despite growing adoption of zero-trust principles, often place undue faith in their VPN infrastructure, creating significant blind spots for advanced attackers.