Serverless Infections - Malware Just Found a New Home

Explore the security implications of serverless computing in this AppSecUSA 2018 conference talk. Discover how malware can infiltrate serverless environments as Erez Yalon presents the first-ever Remote Code Execution (RCE) attack in a serverless setting. Learn about the architecture and advantages of serverless computing, understand the associated security challenges, and witness a live demonstration of data infiltration, infection, and exfiltration. Gain insights into self-duplicating attacks that persist within the code and observe their execution across various serverless platforms. Delve into topics such as code injection, AWS SDK exploitation, Lambda security parameters, and Virtual Private Cloud considerations. Walk away with best practices and tips for maintaining security in serverless environments, equipping yourself to address critical questions organizations face when transitioning to this technology.

Intro
Evolution
Life cycle
Benefits and downsides
Common Use Cases
Serverless Security
Challenge Accepted
Code Injection
Checkmarks
payload
AWS SDK
Persistence
Onetime infection
Cross contamination
Lambda security
Lambda security parameters
Execution roll
Documentation
Virtual Private Cloud
Summary