MDM can be great way to put security controls on smart phones, but what happens when an attacker brings your device into their MDM domain. From smartphone manufacturers to cell phone service providers, everyone seems to be developing a solution for managing smart phones. We will be covering the basics of how MDM works and how you can abuse the Apple MDM service to gain control over iOS devices. This attack will demo how to deploy malicious MDM configurations and how to abuse company phones to gain access to a company’s internal domain. Additionally, we will be covering the steps you should take to protect your business from malicious MDM profiles.
- See how attackers can gain full access to your iPhone
- See how MDM can be abused to steal data
- Learn how to defend your employee smartphones
About Karl Fosaaen
Karl Fosaaen is a senior security consultant at NetSPI. This role has allowed Karl to work in a variety of industries, including financial services, health care and hardware manufacturing. Fossaaen specializes in network and web application penetration testing. In his spare time, Karl helps out as an OPER at ThotCon and a swag goon at DefCon.