Account Jumping Post Infection Persistency & Lateral Movement in AWS
Offered By: Black Hat via YouTube
Course Description
Overview
Explore advanced AWS security threats and countermeasures in this Black Hat conference talk. Delve into pre-infection, post-infection, and advanced persistency techniques targeting AWS environments. Learn about "account jumping" for compromising PaaS and IaaS resources, poisoned AMIs, and leveraging S3 and CloudFront for credential theft. Discover how attackers manipulate AWS resources for MITM attacks and hide malicious code using Lambda functions. Examine the risks in hybrid deployments and methods to compromise on-premise datacenters. Gain insights into best practices for protection, including bastion gateways, CASB solutions, AWS audit and HSM capabilities, and isolation approaches. Understand the evolving landscape of AWS-focused APTs and equip yourself with knowledge to safeguard cloud environments.
Syllabus
Introduction
Code Spaces Breach
Hide and Seek
AWS Intro
Infection Phase
Infection Through AWS
Infection Through ThirdParty Services
Survival From Attackers Perspective
Demo
Custom Key
Persistency
New Users
Summary
What can you do
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube