Hiding Malware in Docker Images for AWS Hardcore Persistence and Defense Evasion
Let’s build an AWS backdoor that can evade all detection mechanisms that exist so far. Are you up to the challenge?
Our objective is to execute commands against an AWS tenant from a remote location without being detected by AWS mechanisms like GuardDuty, while minimizing our fingerprint in CloudTrail API call logs.
To achieve this I am going to explore a technology stack that, despite its availability, is not widely used: running Docker containers within Lambda functions in a fully serverless approach.
Day: 14/11/2024
Time: 11:15 to 12:00
Room: C1
Proposed Activity: Talk
Target Audience: Advanced
Santiago Abastante
Ex-Police Officer, Cloud Security Engineer, Incident Responder and Digital Nomad from Argentina. Now I'm building the first Cloud Security, detection and response platform for the smallest companies, for the one team army startups, for the people.