YoVDO

Breaking Formation - From an Error Message to Internal AWS Infrastructure

Offered By: nullcon via YouTube

Tags

nullcon Courses AWS CloudFormation Courses Web Security Courses Risk Assessment Courses Cloud Security Courses Cloud Infrastructure Courses Vulnerability Research Courses

Course Description

Overview

Explore a critical vulnerability discovered in AWS CloudFormation service in this 42-minute webinar from Nullcon 2022. Delve into the specifics of an XXE vulnerability that led to local file disclosure and SSRF, allowing access to sensitive data. Learn about the potential impact on AWS customers, the disclosure process with a major cloud provider, and the steps taken to ensure the vulnerability was patched. Gain insights into the anatomy of cloud provider service vulnerabilities, inherent security risks in cloud services, and potential future research avenues. Presented by Tzah Pahima, a cloud security researcher at Orca Security specializing in vulnerability research and web security, this talk offers valuable knowledge for those interested in cloud security, AWS infrastructure, and cybersecurity in general.

Syllabus

Breaking Formation: From an Error Message to Internal AWS Infra| Tzah Pahima | Nullcon Webinar 2022


Taught by

nullcon

Related Courses

Unearthing Malicious and Risky OpenSource Packages Using Packj
nullcon via YouTube
Pushing Security Left by Mutating Byte Code
nullcon via YouTube
The Faces of MacOS Malware - Detecting Anomalies in a Poisoned Apple
nullcon via YouTube
Contextomy - Let's Debug Together
nullcon via YouTube
Mind The Gap - The Linux Ecosystem Kernel Patch Gap
nullcon via YouTube