YoVDO

Breaking the Isolation - Cross-Account AWS Vulnerabilities

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Cloud Computing Courses AWS Security Courses

Course Description

Overview

Explore a critical Black Hat conference talk unveiling cross-account vulnerabilities in multiple AWS services. Discover how attackers could manipulate AWS services to perform actions on other clients' resources due to unsafe identity policies. Learn about proven vulnerabilities in AWS Config, Cloudtrail, and Serverless Repository that allowed potential attackers to write and read objects from private S3 buckets. Delve into the root causes of these vulnerabilities and their implications for AWS security. Gain insights from security experts Shir Tamari and Ami Luttwak as they present their findings in this 32-minute session, shedding light on the importance of proper isolation and security measures in cloud environments.

Syllabus

Breaking the Isolation: Cross-Account AWS Vulnerabilities


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube