Account Jumping Post Infection Persistency and Lateral Movement AWS

by Dan Amiga, Dor Knafo Sept. 14, 2017 via www.blackhat.com

This session will cover several methods of infection including a new concept - "account jumping" for taking over both PaaS (e.g. ElasticBeans) and IaaS (EC2, EC2 Containers) resources, discussing poisoned AMIs, dirty account transfer, as well as leveraging S3 and CloudFront for performing AWS specific credentials thefts that can easily lead to full account access.

https://www.blackhat.com/us-16/briefings.html#account-jumping-post-infection-persistency-and-late...

Avatar
Steven Ulm 1 month ago

PaaS and IaaS are very specific resources but very vulnerable and easy to "infect". Another great BlackHat presentation!

Reply