ugotag.com  
  
× ANCIENT WORLD ANIMALS AQUARIUM ARCHERY ARCHITECTURE ART ARTIFICIAL INTELLIGENCE AUDIO BOOKS AVIATION BABY BEAUTY BIG THOUGHTS BIKING BIOLOGY BIRDS BLOCKCHAIN BUSINESS AUTOMOTIVE CATS CHRISTMAS COLD WAR COMPUTER SECURITY CRAFTS CRIME STORIES CRYPTOCURRENCY CSGO DIGITAL COMBAT SIMULATOR DOGS EASTER ECONOMICS ELECTRONICS ENGINEERING ENVIRONMENT FAR CRY 5 FARMING FASHION FISHING FITNESS FOOD & DRINK FORTNITE BATTLE ROYALE FREEDOM OF SPEECH FUNNY GAMBLING GAMING GARDENING GEOPOLITICS GOD OF WAR GUITAR GUNS HALLOWEEN HARRY POTTER HEALTH & WELLNESS HISTORY YOUR HOME HOME REPAIR HOMEBREW INSECTS INTERESTING KIDS KITCHEN KNITTING LAWNCARE LEGO LIQUOR LOCKSPORT MARTIAL ARTS MATH MENS STYLE MINECRAFT MOBILE DEVICES MOTORBIKES MOVIES MULTIPLICATION MUSIC MYSTERY NEUROSCIENCE OLYMPICS ORGANIZATION OUTDOORS PETS PHILOSOPHY PHOTOGRAPHY PHYSICS PI DAY POLITICS POTTERY PRIVACY PROGRAMMING PSYCHOLOGY RECIPE RED DEAD REDEMPTION RELAXING RELIGION REMOTE CONTROL ROCKCLIMBING SCI FI SCI FY SCIENCE SHOOTING SPORTS SKATEBOARDING SPECIAL FORCES SPEECHES SPORTS STAR WARS STEM STPATRICKS STYLE TECHNOLOGY THANKSGIVING TOYS TRAVEL TV VALENTINE'S DAY WAR WEDDING WOODWORKING WW1 WORLD WAR 2
HOME  |  TECHNOLOGY  |  HEALTH  |  FOOD  |  MORE

Episode Markers
  • 02:55
     
    #early AWS AMI ID attack   
    early AWS AMI ID attack Early AWS AMI ID, so a simple attack was to generate a low enough one to get it pushed to the top.
  • 04:12
     
    #AWS virtual machine bomb   
    AWS virtual machine bomb
  • 07:09
     
    #Footprinting   
    Footprinting in AWS.
  • 09:23
     
    #SendGrid bug bounty from Uber   
    SendGrid bug bounty from Uber illustrates microservices security problems.
  • 12:05
     
    #Canarytokens are a modernization on honey tokens   
    Canarytokens are a modernization on honey tokens
  • 13:42
     
    #How to tell if SalesForce accounts are compromised using Canarytokens   
    How to tell if SalesForce accounts are compromised using Canarytokens
  • 16:37
     
    #Common shared library attack   
    Common shared library attack in open source software
  • 19:09
     
    #Malicious Atom editor plugin   
    Malicious Atom editor plugin keylogger example.
  • 22:13
     
    #Advertising in Minimap plugin   
    Advertising in Minimap plugin after plugin purchased and taken in a new direction.
  • 24:40
     
    #Post exploitation honeytokens in Slack   
    Post exploitation honeytokens in Slack
  • 25:20
     
    #badthingsdaily twitter   
    badthingsdaily twitter
  • 27:50
     
    #Persistence in AWS   
    Persistence in AWS
  • 28:25
     
    #Self XSS to achieve persistence in IaaS   
    Self XSS to achieve persistence in IaaS
  • 30:12
     
    #AWS specific attacks   
    AWS specific attacks
  • 31:10
     
    #Amazon's recommended deployment for WordPress showing complexity   
    Amazon's recommended deployment for WordPress showing complexity
  • 32:30
     
    #AWS explosed code complexity vs GNU LibC   
    AWS explosed code complexity vs GNU LibC
  • 34:10
     
    #Reconnaissance in AWS   
    Reconnaissance in AWS
  • 34:47
     
    #Bruteforcing AWS Account IDs   
    Bruteforcing AWS Account IDs
  • 38:08
     
    #Account IDs are often posted public   
    Account IDs are often posted public
  • 39:30
     
    #S3 bucket username logging to get account ID   
    S3 bucket username logging to get account ID
  • 41:32
     
    #S3 bucket discovery   
    S3 bucket discovery
  • 45:00
     
    #Queue names are often posted public   
    Queue names are often posted public
  • 47:20
     
    #AWS credential compromise   
    AWS credential compromise
  • 50:36
     
    #Authenticating through AWS Identity Documents   
    Authenticating through AWS Identity Documents
  • 51:10
     
    #Inter-account sharing   
    Inter-account sharing does not have source validation.
  • 53:20
     
    #AWS Permission enumeration   
    AWS Permission enumeration
  • 57:00
     
    #Lateral movement in AWS   
    Lateral movement in AWS

Fighting the Previous War - Attacking and Defending in the Cloud Era Part 1

Fighting the Previous War - Attacking and Defending in the Cloud Era. Marco Slaviero. Thinkst. AWS.






Community tags: computer_security     HOME     SIGN UP     CONTACT US