BOOTLOADER Mixer'25

Phishing has evolved to bypass MFA using reverse proxies, while traditional defenses like blocklists are aging and evaded. This talk introduces Cloned Site Canarytoken, which alerts you to phishing attempts before credentials are entered, with real-world attack insights and response strategies.

This talk examines EVSE security through an analysis of 8 EV chargers and findings from Pwn2Own Automotive 2024 and 2025. It covers typical charger design, common attack surfaces, and the process of researching an EV charger from scratch, including a successfully exploited vulnerability.