Explore the security vulnerabilities in cloud-based IoT implementations in this 31-minute RSA Conference talk by Alex Jay Balan, Chief Security Researcher at Bitdefender. Delve into the world of "insecurity gold" as Balan reveals authentication bypasses, device tampering, and remote code execution (RCE) vulnerabilities. Learn how a single flawed cloud implementation can expose all devices from a vendor to potential attacks, eliminating the need for traditional IP space scanning. Gain insights into the risks associated with poorly implemented cloud platforms for IoT devices and understand the implications for cybersecurity. While strong networking skills and knowledge of API tampering, MQTT, and AWS S3 are beneficial, the talk also touches on buffer overflows, Return-Oriented Programming (ROP), and command injection for RCE demonstrations.
Overview
Syllabus
Next-Gen IoT Botnets 3: Bad Implementations of Good Cloud Platforms
Taught by
RSA Conference