Back To Schedule
Tuesday, October 13 • 15:15 - 16:00
Man in the Cloud Attack

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

File synchronization services, such as GoogleDrive, DropBox and others are becoming widespread, both with private and corporate use. These applications, while offering great convenience to their users, also provide a hacker with ideal platform for C2 infrastructure. Instead of setting up a new C2 server, an attacker simply needs to open a new cloud storage account, or even use the victims account as the platform.

In our presentation we will examine how common cloud synchronization services can be used by hackers to steal private and corporate data, remain persistent on infected machines and avoid perimeter detection mechanisms. All of this could be done from the attacker’s laptop, without any exploits and without writing server side code.

Objective: Understand risks & mitigations of MitC attacks


Tuesday October 13, 2015 15:15 - 16:00 IDT
Main Auditorium

Attendees (1)