Join us for our upcoming DevSecCon Switzerland event where we will dive deep into the world of cloud security. Get ready to explore the intriguing talk titled “Say What?! You Should Know About Living off the Cloud Attacks.” Discover the common pitfalls in cloud-based security, uncover the hidden vulnerabilities, and learn effective detection and prevention strategies. Don’t miss out on this insightful session that promises to enhance your understanding of cloud security risks. See you at DevSecCon Switzerland!
Location (Vurtual): https://www.youtube.com/live/amTiC5y_SwY
Say What?! You Should Know About Living off the Cloud Attacks
Companies migrating to the cloud underestimate attackers, thinking that they probably run and maintain their own servers for attacking. That narrative leads companies to basing most of their security on IP-feeds. The misconception of allowing trusted cloud applications continues, even though the cybersecurity industry has been aware of the threats it presents for more than a decade: in 2009, researchers revealed the usage of Twitter as a C2. 13 years have passed, but the lesson has not been learned: last April, researchers identified that APT29 was using cloud platforms as both a C2 server and a destination for data exfiltration.
This session will review common cloud-based attacks and why (and where) detection usually fails. Next we will perform a live demo to showcase how malware communicates over API. You will come away from this session with a good understanding of how attacks on these cloud services can be carried out, and the detection and prevention of such attacks.
Join the Community!
If you haven’t joined the Discord community, please do so! You can find us on Discord at: https://devseccon.io/discordcommunity