The rapid pace of technological advancement means that security frameworks like MITRE ATT&CK or NIST may not always have the most up-to-date information. This, in turn, can create blind spots for CISOs and their teams. This is the case regarding IPv6, the newest Internet Protocol, which was released in 2011. Despite its prevalence, known examples of attacks exploiting the protocol are not listed in MITRE. This lack of awareness means defenders may be less aware of the need to secure it.
In this session, Pentera Security Researcher, Yotam Mazurik, will cover an example of how attackers can exploit IPv6 for traffic bending and how to mitigate.