Understanding Security Implications of Exposed Cloud Services through Automated Capability Inference

Explore a critical security presentation from USENIX Security '23 focusing on the vulnerabilities of cloud services used by mobile applications. Delve into the research conducted by experts from the University of Central Florida, Meta, ServiceNow, and Indiana University Bloomington, which examines the security implications of over-privileged cloud credentials. Learn about their systematic approach to recovering cloud credentials from apps, inferring cloud capabilities, and verifying if these capabilities exceed legitimate needs. Discover the findings from a large-scale study of approximately 1.3 million apps across AWS, Azure, and Alibaba Cloud platforms, revealing that 27.3% of apps using cloud services expose over-privileged credentials. Gain insights into new types of attacks enabled by regular cloud credentials, including spear-phishing through push notifications and targeted user data pollution. Understand the impact of this research, which has led to over 300 app vendors addressing the identified security issues.