Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore critical security vulnerabilities in cloud service provider architectures through this 28-minute conference talk that examines how rapid cloud service deployment often compromises security practices. Learn about two major security flaws: Universal DNS Zones, where cloud providers use common DNS zones for all customers without ownership distinction, and the dangerous practice of embedding cloud credentials in URL parameters, particularly focusing on Azure SAS token abuse scenarios. Discover how these architectural decisions create opportunities for cloud resource hijacking, dangling resource takeovers, and supply chain attacks that affect both cloud service providers and their customers. Understand the security implications from the perspective of the shared responsibility model, examining how poor practices on both the provider and user sides contribute to system vulnerabilities. Gain insights into newly identified attack scenarios that extend beyond previously published research, covering a comprehensive range of potential exploits targeting cloud-native environments and modern system architectures.
