By Orange Tsai & Meh Chang

We disclose practical attacks capable of compromising millions of targets, including tech giants and many industry leaders. These techniques and methodologies are published in the hope that it can inspire more security researchers to think out-of-the-box; enterprises can apply immediate mitigation, and realize that SSL VPN is not merely Virtual Private Network, but also a "Vulnerable Point of your Network".

Full Abstract & Presentation Slides: https://www.blackhat.com/us-19/briefi...