
云上攻防探讨.pdf (Cloud Attack and Defense Discussion)

Document ID 162752, PDF, 21 pages, 3.38 MB


Slide 1: AWS Attack and Defense: Sharing Insights
Jaguar Land Rover Confidential, 2024
(slide footer, repeated on every slide: CUSTOMER LOVE, UNITY, INTEGRITY, GROWTH, IMPACT)

Slide 2: Content
- Cloud Security Posture in the Automotive Industry
- 4 Cloud Security Risks
- Real-World AWS Attack Techniques
- Key Domains in Cloud Security: A Comprehensive Approach

Slide 3: Cloud Security Posture in the Automotive Industry

Slide 4: Upstream's 2024 Report: The Automotive Industry Expands into the Smart Mobility Ecosystem

Slide 5: Automotive Incidents Trend
Automotive & Smart Mobility incidents continue to grow.
- 2010-2023 incidents: 1,468
- 2023 incidents: 295
*Source: Upstream 2024 Automotive Cybersecurity Report

Slide 6: 2023 Automotive Attack Vectors
- ECU: 9%
- EV Charging: 4%
- Cloud: 43%
- API: 13%
- Remote Keyless: 7%
- Infotainment: 15%
- Other: 9%
Cloud + API: 50%
*Source: Upstream 2024 Automotive Cybersecurity Report

Slide 7: 4 Cloud Security Risks

Slide 8: 4 Cloud Security Risks
- Unmanaged Attack Surface
- Human Error
- Misconfiguration
- Data Breach

Slide 9: Real-World AWS Attack Techniques

Slide 10: Cyber Kill Chain on AWS
1. Enumeration
2. Exploitation
3. Privilege Escalation
4. Persistence
5. Post exploitation
6. Profit

Slide 11: Enumeration
- Disclosed AWS credentials on the Internet (GitHub, CSDN, Google Drive, ...)
- Public access S3 buckets
- Server ports exposed to the Internet
- Public access web applications
- Publicly stored snapshots
- Disclosed Cognito identity
- Federated identities

Slide 12: Enumeration Sample

Slide 13: IAM Abuse
- IAM:CreatePolicyVersion
- IAM:AttachUserPolicy
- Abused Policy ARN: arn:aws:iam::aws:policy/AdministratorAccess

Slide 14: SSRF
- EC2: URI=http://169.254.169.254/latest/meta-data/iam/security-credentials/$ec2-role
- ECS: cat /proc/self/environ; http://169.254.170.2/v2/credentials/7d4258cf-f483-464c-8ad1-ad63fbd7ef40

Slide 15: SSRF (Lambda)
- /proc/self/environ
- Write Lambda code
- Create/Update Lambda Function
- Invoke Lambda Function

Slide 16: Compromise Public AWS RDS Snapshot
- Describe DB Public Snapshot
- Restore DB Instance from DB Snapshot
- Modify security groups
- Update Database Master Password
- Compromise Database
*aws rds modify-db-instance --db-instance-identifier rds-lab-2 --master-user-password 1234Qwer!

Slide 17: AWS Credentials Abuse by Using GitHub Actions

Slide 18: Demo: S3 objects access control
- https://vampiretommybucket-...
- aws s3 ls s3://vampiretommybucket-1 --no-sign-request
- aws s3 cp s3://vampiretommybucket-1/credentials.txt credentials.txt --no-sign-request
- aws s3api get-object-acl --bucket vampiretommybucket-1 --key credentials.txt --no-sign-request
- aws s3api put-object-acl --bucket vampiretommybucket-1 --key credentials.txt --grant-read uri=http://... us-east-1 --no-sign-request
Bucket: vampiretommybucket-1
Key: credentials.txt

Slide 19: Key Domains in Cloud Security: A Comprehensive Approach

Slide 20: Key Domains in Cloud Security: A Comprehensive Approach
- External Exposure
- Cloud Entitlements
- Secure Configuration
- Secure Use of Secrets
- Data Security
- Container Security
- Serverless Security
- Vulnerability & Patch Management

To safeguard our cloud platform, we must establish a robust cloud security management mechanism. This involves collecting critical logs related to continuous threat monitoring, detection, and response. Below are the key domains in cloud security that demand our attention:
1. Risk Assessment: identifying potential security risks and assessing their likelihood and impact.
2. Access Control: restricting access to authorized users and implementing role-based access control.
3. Data Encryption: ensuring sensitive data is encrypted both in transit and at rest.
4. Network Security: implementing firewalls and other measures to protect against external attacks.
5. Security Monitoring: continuously monitoring cloud environments for security breaches.
6. Incident Response: developing plans and procedures to mitigate the impact of security incidents.
7. Compliance: ensuring cloud security practices align with relevant regulations and standards.

Slide 21: Tommy Guo, Senior Security Operation Manager, +86
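As an added defensive example (not code from the deck or from JLR), the checks below evaluate already-fetched AWS API responses for the three exposures the slides walk through: public object ACL grants on S3, publicly restorable RDS snapshots, and IAM policies that allow the two policy-editing actions listed under IAM Abuse. The response shapes follow `aws s3api get-object-acl`, `aws rds describe-db-snapshot-attributes` and the policy Document of `aws iam get-policy-version`; the bucket owner, snapshot and policy contents are constructed samples.

```python
"""Offline checks for three exposures the deck lists: public S3 object ACL grants,
publicly restorable RDS snapshots, and IAM policies allowing iam:CreatePolicyVersion
or iam:AttachUserPolicy. Inputs are the JSON of `aws s3api get-object-acl`,
`aws rds describe-db-snapshot-attributes` and a policy Document; samples are constructed."""
from fnmatch import fnmatch

# Canned S3 groups that make an object readable by anyone / by any AWS account.
PUBLIC_GROUP_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
ESCALATION_ACTIONS = ("iam:createpolicyversion", "iam:attachuserpolicy")  # lower-cased

def public_acl_grants(acl):
    """Return (Permission, group URI) pairs granted to the public groups."""
    return [(g["Permission"], g["Grantee"]["URI"]) for g in acl.get("Grants", [])
            if g["Grantee"].get("Type") == "Group"
            and g["Grantee"].get("URI") in PUBLIC_GROUP_URIS]

def snapshot_is_public(attrs):
    """A 'restore' attribute whose values include 'all' means anyone can restore it."""
    result = attrs["DBSnapshotAttributesResult"]
    return any(a["AttributeName"] == "restore" and "all" in a.get("AttributeValues", [])
               for a in result["DBSnapshotAttributes"])

def escalation_actions(policy_document):
    """Allowed actions (IAM wildcards included) that cover the abused IAM actions."""
    found = set()
    for stmt in policy_document.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt.get("Action", [])
        for act in [actions] if isinstance(actions, str) else actions:
            if any(fnmatch(target, act.lower()) for target in ESCALATION_ACTIONS):
                found.add(act)
    return sorted(found)

# Constructed samples (not real resources); the owner ID is a placeholder.
SAMPLE_ACL = {"Owner": {"ID": "OWNER-ID-PLACEHOLDER"}, "Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "OWNER-ID-PLACEHOLDER"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"}]}
SAMPLE_SNAPSHOT_ATTRS = {"DBSnapshotAttributesResult": {
    "DBSnapshotIdentifier": "constructed-snapshot",
    "DBSnapshotAttributes": [{"AttributeName": "restore", "AttributeValues": ["all"]}]}}
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "iam:CreatePolicyVersion"], "Resource": "*"},
    {"Effect": "Deny", "Action": "iam:AttachUserPolicy", "Resource": "*"}]}
```

Run the three functions over the output of the corresponding CLI calls for every object, snapshot and customer-managed policy in an account to get the findings a CSPM tool would raise for slides 13, 16 and 18.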
