Cloud Village
  • Videos: 88
  • Views: 25,108
UnOAuthorized: Discovering the path to privilege elevation to Global Administrator
Abstract:
For customers of Microsoft 365 and Azure, obtaining the role of Global Administrator (GA) is every attacker's dream - it is the Domain Administrator of the cloud. This makes Global Administrator every organization's nightmare of being owned by a threat group or hacker. Luckily, well-defined role-based access control and a strict application consent model can severely limit who gets their fingers on Global Administrator - or does it?
This talk explores a novel discovery that resulted in privilege elevation to Global Administrator in Entra ID (Azure AD). Part conversation about the research background, part discussion of the foundational components involved, this talk will walk ste...
Views: 86

Videos

Exploit K8S via Misconfiguration .YAML in CSP environments
Views: 102 · A day ago
Slides - www.slideshare.net/slideshow/exploit-k8s-via-misconfiguration-yaml-in-csp-environments/273379601 Abstract: In this presentation, we researched vulnerable security configurations that enable attacks on Kubernetes (K8s) clusters and examined how these settings can be exploited in CNCF projects. Kubernetes (K8s) uses YAML files to manage various security settings, leading to potential att...
ExploitIfNotExists: Privilege Escalation & Persistence with Azure Policy
Views: 47 · A day ago
Abstract: The Microsoft Azure threat matrix contains a mysterious and almost empty item: AZT508 - Azure Policy, which suggests this service can break bad but gives almost no details as to how. To quote Microsoft: “Azure Policy helps to enforce organizational standards and to assess compliance at-scale.” How does this banal sounding service come to be used for attacking Azure users? This talk ai...
Cloud Offensive Breach and Risk Assessment (COBRA)
Views: 156 · 14 days ago
Slides - www.slideshare.net/slideshow/cloud-offensive-breach-and-risk-assessment-cobra/273208057 Abstract: Cloud Offensive Breach and Risk Assessment (COBRA) is an open-source tool designed to empower users to simulate attacks within multi-cloud environments, offering a comprehensive evaluation of security controls. By automating the testing of various threat vectors including external and insi...
One Port to Serve Them All - Google GCP Cloud Shell Abuse
Views: 43 · 28 days ago
Slides - www.slideshare.net/slideshow/one-port-to-serve-them-all-google-gcp-cloud-shell-abuse/272893190 Abstract: The Cloud Shell feature from cloud service providers offers a convenient way to access resources within the cloud, significantly improving the user experience for both administrators and developers. However, even though the spawned instance has a short lifespan, granting excessive p...
The Oracle Awakens: Demystifying Privilege Escalation in the cloud
Views: 119 · A month ago
Slides - www.slideshare.net/slideshow/the-oracle-awakens-demystifying-privilege-escalation-in-the-cloud/272820013 Abstract: In this talk, we explore privilege escalation mechanisms and paths within Oracle Cloud. Privilege escalation, the process by which an attacker gains elevated access and permissions beyond those intended by the cloud administrator, poses a significant threat in cloud enviro...
Catch them all! Detection Engineering and Purple Teaming in the Cloud
Views: 253 · A month ago
Slides - www.slideshare.net/slideshow/catch-them-all-detection-engineering-and-purple-teaming-in-the-cloud/272701035 Abstract: Where to start looking for attackers in a cloud environment? In a world where cloud providers have hundreds of services and thousands of API calls, getting started can feel overwhelming. In this talk, we lay out the foundations of a modern detection engineering program ...
Gone in 60 Seconds… How Azure AD/Entra ID Tenants are Compromised
Views: 2.4K · A month ago
CNAPPGoat A multicloud vulnerable by design infrastructure deployment tool
Views: 211 · A year ago
Tales from a detection engineering in AWSland
Views: 385 · A year ago
Security Logging in the cloud, trade offs to consider and patterns to maximise the effectiveness of
Views: 113 · A year ago
Tag, You're Exposed Exploring Azure Service Tags and their Impact on your Security Boundary
Views: 338 · A year ago
Call Me Phishmael Hunting Sensitive Docker Images in Google Container Registry Leaks
Views: 203 · A year ago
The Human Threat Factor Cloud Security Misconfigurations
Views: 89 · A year ago
Bridging the Gap Cloud Threat Intelligence for Detection and Offensive Security Practitioners
Views: 114 · A year ago
What the Function A Deep Dive into Azure Function App Security
Views: 174 · A year ago
CloudRecon finding ephemeral assets in the cloud
Views: 546 · A year ago
The Rocky Balboa Guide to Security Research Getting Back Up When You Get Knocked Down
Views: 187 · A year ago
Google Workspace Red Team Automation with SWAT
Views: 156 · A year ago
SSO Sloppy, SSO Suspect, SSO Vulnerable
Views: 154 · A year ago
Between a Log and a Hard Place misAdventures in Azure Logs
Views: 118 · A year ago
IAM APE
Views: 200 · A year ago
Infrastructure as Remote Code Execution
Views: 110 · A year ago
Azure DevOps Security
Views: 211 · A year ago
MetaHub Demo Automating Ownership, Context, and Impact Assessment in Security Findings
Views: 130 · A year ago
Identifying and securing Firebase vulnerabilities at scale
Views: 68 · A year ago
Attacks as a Service with The DeRF
Views: 227 · A year ago
From Service Catalog Admin to Account takeover Privilege Escalation with Service Catalog Launch Con
Views: 65 · A year ago
The Dark Playground of CI:CD Attack Delivery by GitHub Actions
Views: 102 · A year ago
Evading Logging in the Cloud Bypassing AWS CloudTrail
Views: 356 · A year ago

Comments

  • @jessicadunn8417 2 years ago

    Mike, does this also apply to a lab environment with no access to production?

  • @julianwieg 2 years ago

    Thanks. Really helped me

  • @quynhnguyenthinhu8392 3 years ago

    Try to give the video more brightness; it will be great if you do.

  • @teachingcyber 3 years ago

    I really want to watch this but the audio is really bad :(

  • @AlexandreSieira 3 years ago

    This was a blast! Our thanks to the Cloud Village organizers for the amazing event and for putting up with us!

    • @gerardketuma 3 years ago

      Wow, thanks for this. I really learned a lot from your presentation.

  • @rupalidash3638 4 years ago

    This is a really great session

  • @paulineeaton3024 4 years ago

    Great vids, looking forward to more uploads. I think you should check smzeus”.”com to help grow your channel!

  • @AlexandreSieira 4 years ago

    This was a lot of fun! Thank you very much to the Cloud Village team for all the great work they put into making this year's edition a great success.

  • @AshishRajan 4 years ago

    This is a great talk. Great job! We should talk about this on my podcast Alexandre!

    • @AlexandreSieira 4 years ago

      It would be a pleasure, Ashish! I'll reach out to you on Twitter...