Alex Brown
Alexander Brown is an Associate Security Consultant from ReverSec who focuses on offensive security and vulnerability research. His talk draws from hands-on experience in penetration testing and real-world security assessments.
Session
This talk explores Microsoft Edge’s Secure Preferences file as a persistence vector. We’ll dive into how Chromium-based browsers store and protect user settings, demonstrate how these protections can be defeated, and highlight which settings can be abused to maintain access on a compromised system. Attendees will learn how to modify Edge’s start-up URL to deliver phishing content, leverage IE Mode to launch a Java applet and execute code locally without user interaction, and silently install extensions (even in environments with extension whitelisting). The talk concludes with detection and mitigation guidance for defenders.