YoVDO

Account Jumping Post Infection Persistency & Lateral Movement in AWS

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Lateral Movement Courses AWS Security Courses

Course Description

Overview

Explore advanced AWS security threats and countermeasures in this Black Hat conference talk. Delve into pre-infection, post-infection, and advanced persistency techniques targeting AWS environments. Learn about "account jumping" for compromising PaaS and IaaS resources, poisoned AMIs, and leveraging S3 and CloudFront for credential theft. Discover how attackers manipulate AWS resources for MITM attacks and hide malicious code using Lambda functions. Examine the risks in hybrid deployments and methods to compromise on-premise datacenters. Gain insights into best practices for protection, including bastion gateways, CASB solutions, AWS audit and HSM capabilities, and isolation approaches. Understand the evolving landscape of AWS-focused APTs and equip yourself with knowledge to safeguard cloud environments.

Syllabus

Introduction
Code Spaces Breach
Hide and Seek
AWS Intro
Infection Phase
Infection Through AWS
Infection Through ThirdParty Services
Survival From Attackers Perspective
Demo
Custom Key
Persistency
New Users
Summary
What can you do


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube
Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube
AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube
Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube
Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube