All Your Cloud Are Belong To Us – Hunting Compromise in Azure

Explore the evolving landscape of cloud security in this 59-minute conference talk from BruCON Security Conference. Delve into the tactics used by attackers to compromise cloud networks, focusing on Azure vulnerabilities. Learn about hunting, identifying, and remediating compromised systems in Azure's vast network of exposed hosts. Discover how lessons learned from these incidents have been applied to enhance security in Azure Marketplace. Gain insights into the default security configurations of Azure and AWS Marketplace images, and understand the challenges faced in securing cloud environments. Examine case studies involving MongoDB, Redis, Elastic, Hadoop, SMBv1, IIS6.0, and Samba compromises. Explore topics such as ransomware monetization, the disappearance of traditional security perimeters, and proactive measures for cloud security. Conclude with a call to action for teams working on Azure security offerings and key takeaways for improving cloud security posture.

Welcome
Nate Warfield
AWS
MQTT
Owntracks
Vulnerability Details
SMB v1x Play
Wannacry Drops
What Causes Downtime
Cloud Marketplaces
The Year of Crypto
Building correlations
Customization
Cloud Tenants
The Cool Stuff
Takeaways