Hao Wang

Hao Wang brings over 15 years of experience in cyber security and has earned widespread recognition for his innovative approaches in Offensive Security. As the leader of PayPal's Offensive Security team, he spearheads initiatives in threat emulation, web application/API security, network infrastructure security, and bug bounty programs. Hao has a strong track record of tackling complex security challenges while driving continuous improvement in organizational defense. In addition to his leadership role, Hao is a respected speaker and has presented at top cybersecurity conferences, including Black Hat USA, Troopers, BSidesLV, and SANS Summit, where he shares insights on cutting-edge threat landscapes and defensive strategies.


Session

06-26
15:45
60min
Spoofed & Trusted: Next-Generation Email Attacks Targeting Email Design and Implementation Flaws
Hao Wang, Caleb Sargent

Email spoofing attacks are rapidly evolving, becoming increasingly sophisticated and alarmingly effective at circumventing established security standards. This presentation introduces several groundbreaking email spoofing techniques that exploit DKIM and DMARC implementation flaws, enabling attackers to disseminate convincing phishing emails on a massive scale from highly reputable enterprise domains.

We will also provide a detailed examination of several advanced and frequently overlooked spoofing patterns uncovered through recent research. These attack methods are actively targeting Fortune 500 companies and government agencies, highlighting critical vulnerabilities across essential sectors. Despite existing documentation and defensive measures, attackers continue to exploit these vulnerabilities extensively, underscoring significant gaps in current security frameworks.

Participants attending this session will gain practical, actionable insights and advanced defensive strategies tailored to detecting, mitigating, and proactively defending against these sophisticated email spoofing attacks. Enhancing awareness and adopting the demonstrated mitigation approaches will significantly bolster organizational resilience against evolving phishing threats.

Attack & Research
Track 1