This post continues the series of highlights from our recent BlackHat USA 2017 talk. An index of all the posts in the series is here. Introduction Before today’s public clouds, best practice was to store logs separately from the host that generated them. If the host was compromised, the logs stored off it would have a better chance of being preserved. At a cloud provider like AWS, a storage service within an account holds your activity logs. A sufficiently thorough …
Month: August 2017
This is the first post in a series highlighting bits from our recent BlackHat USA 2017 talk. An index of all the posts in the series is here. Introduction In this post we’ll be looking at ways to compromise your developers that you probably aren’t defending against, by exploiting the plugins in their editors. We will therefore be exploring Atom, Atom plugins, how they work and the security shortfalls they expose.Targeting developers seems like a good idea (targeting sysadmins is so 2014). …
[Update: jump to the end of the page for the series index] Late July found Haroon and I sweating buckets inside an 8th storey Las Vegas hotel room. Our perspiration was due not to the malevolent heat outside but to the 189 slides we were building for BlackHat 2017. Modifications to the slidedeck continued until just before the talk, and we’re now posting a link to the final deck. Spoiler alert: it’s at the bottom of this post. A few years …