YoVDO

IAM Concerned - OAuth Token Hijacking in Google Cloud

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Google Cloud Platform (GCP) Courses Identity and Access Management (IAM) Courses OAuth Courses

Course Description

Overview

Explore the critical security vulnerability of OAuth token hijacking in Google Cloud Platform (GCP) environments through this eye-opening Black Hat conference talk. Delve into a scenario where, despite implementing robust security measures like MFA and hardware security keys, a GCP environment falls victim to a breach via hijacked OAuth session tokens cached by gcloud access. Learn about the intricacies of this attack vector, understand its implications for cloud security, and discover potential mitigation strategies to safeguard your GCP infrastructure against such sophisticated threats. Gain valuable insights from security expert Jenko Hwong as he dissects this concerning issue and provides actionable knowledge to enhance your cloud security posture.

Syllabus

IAM Concerned: OAuth Token Hijacking in Google Cloud (GCP)


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube