Subdomain hijacking presents significant security risks to organizations. Everything from credential theft to phishing can be made possible with a few keystrokes and a mouse click. This talk focuses on how these risks materialize within an AWS cloud environment, how to enumerate their existence, and options to quickly mitigate them.
2. Agenda
• Who are you?
• What is subdomain hijacking?
• What is Route53, CloudFront, and S3?
• How can I exploit these services?
• Is there a live demo?
6. Subdomain Hijacking
• Acme, Inc.
• Sells explosive bird seed on e-commerce site
• Chooses shop.acme.com for DNS resolution
• Outsources e-commerce functionality to service provider
• Magento, Shopify, YoKart, Volusion, et al.
• Provider’s store URL
• Acme chooses acme.ecommerce.provider.com
• UX implementation options
• 301/302 HTTP redirect
• DNS CNAME record
7. Subdomain Hijacking
root@unknown$ dig shop.acme.com
…
;; QUESTION SECTION:
;shop.acme.com. IN A
;; ANSWER SECTION:
shop.acme.com. 1234 IN CNAME acme.ecommerce.provider.com.
acme.ecommerce.provider.com. 86 IN A 12.34.56.78    ; Acme controlled
8. Subdomain Hijacking
• Explosive bird seed was a bad product idea
• Who knew?!?
• Acme cancels their service provider subscription…
• …but doesn’t delete the CNAME for shop.acme.com
• Attacker creates account with provider
• Registers acme.ecommerce.provider.com as site URL
• All content rendered at shop.acme.com now under attacker’s control
9. Subdomain Hijacking
root@unknown$ dig shop.acme.com
…
;; QUESTION SECTION:
;shop.acme.com. IN A
;; ANSWER SECTION:
shop.acme.com. 1234 IN CNAME acme.ecommerce.provider.com.
acme.ecommerce.provider.com. 86 IN A 12.34.56.78    ; Attacker controlled
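The shop.acme.com scenario above is the textbook dangling CNAME: the record survives, the target goes away, and whoever can re-register the target inherits the hostname. The following is an added example, not code from the talk: it follows a CNAME chain the way `dig` does and classifies the terminal record. The zone table and the list of "claimable" provider suffixes are constructed for illustration (provider-b.example is hypothetical), and `resolve` is a pluggable callable so the same logic can be fed by a real resolver such as dnspython's `dns.resolver` instead of the in-memory table. Note the separate verdict for cloudfront.net targets: a distribution domain name may keep resolving whether or not any distribution still claims the alias, so for CloudFront a DNS-only check is not conclusive and the account side has to be checked as well.

```python
"""Dangling-CNAME triage for the shop.acme.com scenario.

Added example, not code from the talk. Zone data and provider suffixes are
constructed; plug a real resolver into `resolve` for live use.
"""
from typing import Callable, Dict, List, Optional, Tuple

Record = Optional[Tuple[str, str]]      # (rtype, rdata); None means NXDOMAIN
Resolver = Callable[[str], Record]

# Constructed zone data (not real DNS): the state of slide 8, after Acme
# cancelled the provider subscription but left the CNAME in place.
FAKE_ZONE: Dict[str, Record] = {
    "shop.acme.com.":                 ("CNAME", "acme.ecommerce.provider.com."),
    "acme.ecommerce.provider.com.":   None,          # provider deleted the site
    "blog.acme.com.":                 ("CNAME", "acme.provider-b.example."),   # hypothetical provider
    "acme.provider-b.example.":       ("A", "12.34.56.78"),
    "www.acme.com.":                  ("CNAME", "d22kkcjurirtnq.cloudfront.net."),
    "d22kkcjurirtnq.cloudfront.net.": ("A", "52.84.31.189"),
}

# Hypothetical namespaces in which any customer can register a hostname.
CLAIMABLE_SUFFIXES = (".ecommerce.provider.com.", ".provider-b.example.")


def fake_resolve(name: str) -> Record:
    """Stand-in for a real resolver: look the name up in the constructed zone."""
    return FAKE_ZONE.get(name.lower())


def follow_cname(name: str, resolve: Resolver, max_hops: int = 8) -> Tuple[List[str], Record]:
    """Return every name visited and the terminal record (None = NXDOMAIN)."""
    chain = [name.lower()]
    for _ in range(max_hops):
        rec = resolve(chain[-1])
        if rec is None or rec[0] != "CNAME":
            return chain, rec
        chain.append(rec[1].lower())
    raise RuntimeError(f"CNAME chain too long (loop?) starting at {name}")


def classify(name: str, resolve: Resolver = fake_resolve) -> str:
    """Verdict for one hostname: ok / dangling / dangling-claimable / ..."""
    chain, terminal = follow_cname(name, resolve)
    if len(chain) == 1:
        return "nxdomain" if terminal is None else "no-cname"
    target = chain[-1]
    if target.endswith(".cloudfront.net."):
        # A cloudfront.net name can keep resolving to edge IPs regardless of
        # whether a distribution still claims the alias (the edge routes on the
        # Host header), so this needs an account-side check, not a DNS check.
        return "cloudfront-verify-alias"
    if terminal is not None:
        return "ok"
    if any(target.endswith(s) for s in CLAIMABLE_SUFFIXES):
        return "dangling-claimable"     # attacker can register the target with the provider
    return "dangling"


def audit(names: List[str], resolve: Resolver = fake_resolve) -> Dict[str, str]:
    """Classify a list of hostnames (the output of your subdomain enumeration)."""
    return {n: classify(n, resolve) for n in names}


if __name__ == "__main__":
    for n, verdict in audit(["shop.acme.com.", "blog.acme.com.", "www.acme.com."]).items():
        print(f"{n:28} {verdict}")
```

For a live run, replace `fake_resolve` with a function that queries a recursive resolver and returns `None` on NXDOMAIN; the "dangling" verdict (target gone, but not in a namespace you know to be claimable) still deserves a look, because the claimable list is only as good as your inventory of third-party providers.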
12. Route53, CloudFront, and S3
• Route 53
• AWS managed DNS service
• Scalable, distributed, highly resilient
• Supports traffic routing policies
• CloudFront
• AWS managed CDN service
• Minimizes latency of static and dynamic web content
• Delivery via worldwide network of data centers
• S3
• AWS object storage managed service
• Highly scalable, fast, inexpensive
• Tiered redundancy model
13. Route53 Features
• Alias Records
• Similar to an A record with CNAME functionality
• Visible as Alias only through R53 console or API
• Appears as A record when publicly resolved
• Resource Targets
• Elastic Beanstalk
• Application / Elastic Load Balancer (ALB/ELB)
• Simple Storage Service (S3)
• Another Route 53 record in the same hosted zone
• CloudFront
14. CloudFront Features
• CNAMEs (alternate domain names)
• Similar to HTTP name-based virtual hosts: the edge selects the distribution by the request's Host header
• Distribution domain names not very user friendly
• Ex., d22kkcjurirtnq.cloudfront.net — look familiar?
• Global namespace! An alternate domain name can be claimed by only one distribution at a time, in any AWS account
• Supports apex and subdomain wildcards
• Wait… what?!?
• No 1:1 mapping between distribution and content origin
• Wait… what?!?
• Content Origins
• S3 and Elastic Load Balancers
• Supports web and RTMP distributions
• Object access controlled via Origin Access Identity (OAI)
15. S3 Features
• Objects and Buckets
• Data/metadata in logical storage unit
• Bucket names are globally unique across all AWS accounts
• Both support ACLs and IAM / bucket policy enforcement
• Encryption at rest using SSE-C, SSE-S3, SSE-KMS
17. CloudFront Distributions
root@unknown$ dig test.lab.prevade.com
…
;; QUESTION SECTION:
;test.lab.prevade.com. IN A
;; ANSWER SECTION:
test.lab.prevade.com. 41 IN A 52.84.31.189
test.lab.prevade.com. 41 IN A 52.84.31.233
test.lab.prevade.com. 41 IN A 52.84.31.154
(Only A records for CloudFront edge IPs are visible; a Route 53 alias never shows up as a CNAME to the distribution domain, see slide 13)
24. Exploitation
• Squatting
• Enumerate AWS customers through OSINT
• Create S3 buckets named after the target's apex and vanity subdomains (the bucket names S3 website hosting behind a Route 53 alias requires)
• Create CloudFront distributions claiming the apex and vanity subdomains as CNAMEs
• Risks
• Victim can no longer use those names as S3 buckets or CloudFront CNAMEs within AWS
• Development pipeline disruption
• Legal precedents and recourse for recovery
25. Mitigation and Remediation
• Squat your own S3 buckets and CloudFront CNAMEs
• Global namespace = race condition: first to claim a name holds it
• Apex » wildcard » subdomain
• Fix Decoupled CloudFront/S3 and Route53/CloudFront
• Delete or modify
• Validate CI/CD dependencies!
• Enumerate decoupled Route53 and CloudFront (S3 coming soon!)
• CloudJack — https://github.com/prevade/cloudjack
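The "enumerate decoupled Route53 and CloudFront" step above is, in code, a join between two inventories: Route 53 records that point at cloudfront.net, and the alternate domain names the account's distributions actually claim. The following is an added example of that check, not CloudJack's code. Its two inputs are constructed to match the shape of boto3's `route53.list_resource_record_sets()['ResourceRecordSets']` and `cloudfront.list_distributions()['DistributionList']['Items']`; with boto3 you would paginate both calls and pass the collected items to `find_decoupled()`. `Z2FDTNDATAQYW2` is the fixed hosted zone ID Route 53 uses for CloudFront alias targets; the wildcard rule (one label only) is an assumption on the conservative side. One caveat for today's reader: since 2019 CloudFront has required that an alternate domain name be covered by a valid certificate attached to the distribution before it can be added, which makes claiming someone else's name much harder than at the time of the talk; a decoupled record is still a broken record that should be deleted or re-claimed by a distribution you own.

```python
"""Decoupled Route 53 / CloudFront finder (the check the mitigation slide calls for).

Added example, not CloudJack's code. Inputs are constructed in the shape of
boto3 responses; feed real (paginated) items to find_decoupled() for live use.
"""
from typing import Dict, List, Set, Tuple

CLOUDFRONT_SUFFIX = ".cloudfront.net"
CLOUDFRONT_ALIAS_ZONE = "Z2FDTNDATAQYW2"   # Route 53's fixed zone id for CloudFront aliases

# Constructed Route 53 record sets (not from a real account)
RRSETS = [
    {"Name": "www.acme.com.", "Type": "A",
     "AliasTarget": {"HostedZoneId": CLOUDFRONT_ALIAS_ZONE,
                     "DNSName": "d22kkcjurirtnq.cloudfront.net.", "EvaluateTargetHealth": False}},
    {"Name": "old.acme.com.", "Type": "A",
     "AliasTarget": {"HostedZoneId": CLOUDFRONT_ALIAS_ZONE,
                     "DNSName": "d1111111111111.cloudfront.net.", "EvaluateTargetHealth": False}},
    {"Name": "cdn.acme.com.", "Type": "CNAME", "TTL": 300,
     "ResourceRecords": [{"Value": "d22kkcjurirtnq.cloudfront.net"}]},
    {"Name": "acme.com.", "Type": "A", "TTL": 300,
     "ResourceRecords": [{"Value": "203.0.113.10"}]},
]

# Constructed CloudFront distributions: d1111111111111 has been deleted,
# and the surviving distribution claims only www.acme.com.
DISTRIBUTIONS = [
    {"Id": "E1EXAMPLE", "DomainName": "d22kkcjurirtnq.cloudfront.net",
     "Aliases": {"Quantity": 1, "Items": ["www.acme.com"]}},
]


def norm(name: str) -> str:
    """Lower-case and strip the trailing dot so both APIs compare equal."""
    return name.lower().rstrip(".")


def cloudfront_targets(rrsets: List[dict]) -> List[Tuple[str, str]]:
    """(record name, cloudfront.net target) for alias records and plain CNAMEs."""
    out = []
    for rr in rrsets:
        if "AliasTarget" in rr:
            target = norm(rr["AliasTarget"]["DNSName"])
        elif rr.get("Type") == "CNAME":
            target = norm(rr["ResourceRecords"][0]["Value"])
        else:
            continue
        if target.endswith(CLOUDFRONT_SUFFIX):
            out.append((norm(rr["Name"]), target))
    return out


def claimed_names(distributions: List[dict]) -> Dict[str, Set[str]]:
    """distribution domain -> alternate domain names (CNAMEs) it claims."""
    return {norm(d["DomainName"]): {norm(a) for a in d["Aliases"].get("Items", [])}
            for d in distributions}


def name_is_covered(name: str, aliases: Set[str]) -> bool:
    """Exact alias, or a one-label wildcard: *.acme.com covers www.acme.com but
    not acme.com itself; deeper labels are assumed not covered (conservative)."""
    if name in aliases:
        return True
    if "." not in name:
        return False
    return "*." + name.split(".", 1)[1] in aliases


def find_decoupled(rrsets: List[dict], distributions: List[dict]) -> List[Dict[str, str]]:
    """Records pointing at CloudFront for which no owned distribution claims the name."""
    claimed = claimed_names(distributions)
    findings = []
    for name, target in cloudfront_targets(rrsets):
        aliases = claimed.get(target)
        if aliases is None:
            problem = "distribution-missing"    # record points at a deleted distribution
        elif not name_is_covered(name, aliases):
            problem = "alias-not-claimed"       # edge routes on Host header; nobody we own claims it
        else:
            continue
        findings.append({"name": name, "target": target, "problem": problem})
    return findings


if __name__ == "__main__":
    for f in find_decoupled(RRSETS, DISTRIBUTIONS):
        print(f"{f['name']:16} -> {f['target']:32} {f['problem']}")
```

Both findings map to the two remediation options on the slide: delete the record (old.acme.com has nothing behind it any more) or re-couple it by adding the name as an alternate domain name of a distribution you control (cdn.acme.com), which is the "squat your own CNAMEs" move done before anyone else does it. Run the same join across every account in the organization, since the Route 53 zone and the distribution often live in different ones.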