Keynote | Hacking the Cloud Like an APT | allinfosecnews.com

Dec. 15, 2023, 10:20 p.m. | SANS Offensive Operations

SANS Offensive Operations www.youtube.com

On-premises to cloud lateral movement should be one of the top techniques in a red teamer’s arsenal. Difficult to detect and pervasive in nature, these techniques attract the likes of APT groups like Nobellium who have increased their focus on abusing identity federation. Techniques like Golden SAML and AD FS skeleton keys provide threat actors the double-edged sword of combining both lateral movement and privilege escalation into a single technique – with the added benefit of leaving little trace in …

abusing ad fs apt apt groups arsenal cloud detect federation focus golden hacking identity identity federation keynote keys lateral movement nature saml skeleton techniques

More from www.youtube.com / SANS Offensive Operations

Mastering Adversary Emulation with Caldera: A Practical Guide 2 months ago | www.youtube.com

adversary adversary emulation application bolster +16

The Second Rule of Hacking: There Are No Rules 2 months ago | www.youtube.com

attacks block businesses cat +13

From Pentest to Red Team: Overview of The Necessary Skills and Breakdown of Frameworks 2 months ago | www.youtube.com

dave frameworks guide informative +10

OT Pen-testing: How Not to Sink an Oil Rig 2 months ago | www.youtube.com

adversary adversary emulation application bolster +19

Fortifying Resilience: An In-Depth Exploration of the Overall Product Security Assessment Poster 2 months ago | www.youtube.com

assessment attacks author course +16

SANS Pen Test 2024: A Sneak Peek Into All That's in Store! 2 months, 2 weeks ago | www.youtube.com

austin cybersecurity cybersecurity innovation cybersecurity training +20

SANS Pen Test 2024: A Sneak Peek Into All That's in Store! 2 months, 3 weeks ago | www.youtube.com

austin cybersecurity cybersecurity innovation cybersecurity training +20

Learn About SEC565: Red Team Operations and Adversary Emulation 3 months, 2 weeks ago | www.youtube.com

adversary adversary emulation course emulation +21

A Compendium of Exploits and Bypasses for eBPF-based Cloud Security 5 months ago | www.youtube.com

basic cloud cloud security ebpf +13

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India

View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190

View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal

View on infosec-jobs.com