all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Evading Logging in the Cloud: Bypassing AWS CloudTrail

Add to bookmarks
Feb. 5, 2024, 6:27 p.m. | Black Hat

Black Hat www.youtube.com

...In this talk I will explore the attack surface of the AWS API, and share multiple vulnerabilities I discovered that allowed me to bypass CloudTrail logging for different AWS services. These vulnerabilities have now been fixed by AWS....

By: Nick Frichette

Full Abstract and Presentation Materials: https://www.blackhat.com/us-23/briefings/schedule/#evading-logging-in-the-cloud-bypassing-aws-cloudtrail-32741

api attack attack surface aws aws cloudtrail bypass bypassing cloud cloudtrail logging logging in nick services share vulnerabilities

Visit resource

More from www.youtube.com / Black Hat

Startup Spotlight Competition at Black Hat 3 days, 11 hours ago | www.youtube.com
bhusa blackhat cybersecurity infosec +1
Locknote: Conclusions and Key Takeaways from Day 2 3 weeks, 1 day ago | www.youtube.com
black hat black hat europe board board members +15
Locknote: Conclusions and Key Takeaways from Day 1 3 weeks, 1 day ago | www.youtube.com
black hat black hat europe board board members +16
Keynote: My Lessons from the Uber Case 3 weeks, 1 day ago | www.youtube.com
addition best practices case convicted +16
Keynote: Industrialising Cyber Defence in an Asymmetric World 3 weeks, 2 days ago | www.youtube.com
adversaries challenge cyber cyber defence +10
The Black Hat Europe Network Operations Center (NOC) Report 3 weeks, 2 days ago | www.youtube.com
back black hat black hat europe center +14
My Invisible Adversary: Burnout 3 weeks, 6 days ago | www.youtube.com
adversary attackers attacks burnout +11
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 3 weeks, 6 days ago | www.youtube.com
analysis ask bad codeql +10
A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 4 weeks ago | www.youtube.com
attacks call cloudflare detection +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Cloud Security Analyst

@ Cloud Peritus | Bengaluru, India
View on infosec-jobs.com

Cyber Program Manager - CISO- United States – Remote

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com

Network Security Engineer (AEGIS)

@ Peraton | Virginia Beach, VA, United States
View on infosec-jobs.com

SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com

Information Systems Security Engineer

@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)
View on infosec-jobs.com
View more jobs