Featured
Lab: Subdomain Takeover, Part 2 | Discover & remediate
Carlos Vendramini, Security Research Engineer, Normalyze
In the second part of this two-part webinar, Carlos will do a hands-on demonstration of a subdomain takeover attack using open-source tools. This demo will contain two attack vectors: AWS S3 and AWS Elastic Beanstalk. In the end, Carlos will also demonstrate how data security tools can help you protect your cloud environment against Subdomain Takeover attacks.
Subdomain takeover continues to be a major security threat for organizations using the cloud to deliver public services. After setting up their cloud environments, oftentimes, organizations overlook removing the domain name system (DNS), aliases (A record), and canonical names (CNAME record) that are no longer being used. This leads to a dangling domain record that is no longer associated with an active website or an online resource.
All episodes
-
Top 3 Cloud Data Security Adversarial Tactics and How to Fight Them
Abhinav Singh, Lead Security Researcher, Normalyze
Through interoperable cloud services, attackers defeat native security tools and move laterally through the cloud infrastructure.
In this webinar, Abhinav highlights the real cloud data risk chains that lead to account takeover and exposure of sensitive data and shows what can be done to prevent these attacks.
Examples of adversarial tactics include but are not limited to
* Abusing the account organization’s setup to onboard an external account and making it a trusted entity to avoid detection and perform data exfiltration.
*Attacker abuses the cross-account trust relation to move laterally between different accounts leading to a fan-out effect while remaining completely hidden from defense tools like Guardduty.
* An identity-based attack that chains multiple IAM permissions to build an ROP-like privilege escalation scenario and compromise the entire cloud infrastructure. -
Lab: Subdomain Takeover, Part 1 | Identify attack paths
Carlos Vendramini, Security Research Engineer, Normalyze
In the first part of this two-part series, Carlos will go over the current landscape for subdomain takeover by analyzing some bug bounty report statistics and then go over the theory behind how attackers can leverage this flaw to hijack subdomains. Finally, Carlos will discuss several simple actions that can be taken to protect your cloud environment against this vulnerability and give a sneak peek into the hands-on exercises from the upcoming Part 2.
Subdomain takeover continues to be a major security threat for organizations using the cloud to deliver public services. After setting up their cloud environments, oftentimes, organizations overlook removing the domain name system (DNS), aliases (A record), and canonical names (CNAME record) that are no longer being used. This leads to a dangling domain record that is no longer associated with an active website or an online resource.
-
Lab: Subdomain Takeover, Part 2 | Discover & remediate
Carlos Vendramini, Security Research Engineer, Normalyze
In the second part of this two-part webinar, Carlos will do a hands-on demonstration of a subdomain takeover attack using open-source tools. This demo will contain two attack vectors: AWS S3 and AWS Elastic Beanstalk. In the end, Carlos will also demonstrate how data security tools can help you protect your cloud environment against Subdomain Takeover attacks.
Subdomain takeover continues to be a major security threat for organizations using the cloud to deliver public services. After setting up their cloud environments, oftentimes, organizations overlook removing the domain name system (DNS), aliases (A record), and canonical names (CNAME record) that are no longer being used. This leads to a dangling domain record that is no longer associated with an active website or an online resource.