Himanshu Mehta

Senior Threat Analysis Engineer, Symantec

About speaker

Himanshu Mehta is passionate about Computer Security and for this reason he actively and responsibly discloses security vulnerabilities to vendors. He is also involved in several bug bounty and Capture the Flag programs. He is the board member of EC-Council’s Licensed Penetration Tester group — actively contributing to make security certification more challenging — and Convet.it — contributing to the discussion on ‘The Future of Cyber Security in Transforming Businesses’. He is also the Program Committee Member of Dubai International Conferences on Data Mining & Knowledge Management, and Fuzzy Logic Systems. He has been a Guest of Honor on several security events and presented his security research paper at several security conferences. Currently, he is leading a team of security intelligence at Symantec which gave him good insight into cybersecurity and helped him to emerge as a creative leader. On the other hand, it also increased his thirst to explore more in this field.
November 16
12:00 — 12:30
Fast Track
The main motto of this session is to walk through the multitude of vulnerabilities present in PBX that may pose a threat to any individual or organization. This talk will demonstrate multiple exploitable security vulnerabilities including impact and attack scenarios as well as their mitigations that we came across while playing with different PBX. Hackers explore the vulnerabilities to launch various security attacks and security professionals need to learn how to moderate them. The presentation will not be limited to one, but rather many PBX vendors.
This talk will include the following categories and demonstration:

    — Information Gathering
      — Internet connected PBX and gaining access
        — Password Security
          — Caller ID Spoofing
            — Softphone Security
              — Vulnerabilities
                — Impact
                  — Mitigation