Explore cloud platform security vulnerabilities and best practices in this 46-minute conference talk from the Hack In The Box Security Conference. Delve into real-world cases of exposed cloud services, including S3 buckets, container services, and authentication bypasses. Learn how attackers exploit these weaknesses for credit card harvesting, botnet deployment, and crypto-mining. Gain insights into defending cloud deployments by hardening services and optimizing configurations. Discover the attacker's perspective on cloud environments and acquire practical strategies to enhance the security of your organization's cloud infrastructure. Benefit from the expertise of Fyodor Yarochkin, a senior researcher with extensive experience in threat investigation and penetration testing in the Asia-Pacific region.
Overview
Syllabus
Intro
Agenda: "Cloud War Stories"
Guess the bucket: Trail and error!
Static website hosting on AWS S3
Writable buckets lead to data exfil
A variation: Reflection attacks
Why did this work? A magic link-local address
Mitigation
Cryptominer infections
Exfiltration
Clouds - widely adopted by cybercriminals
Badness breakdown by ASN
Free Google Cloud instances
Sale of cloud instances
Credentials trade
a blackhat's True Cloud
Taught by
Hack In The Box Security Conference
