Unmasking the Subnet Lookalike IP Ranges in Cloud Environments - Security Risks and Detection
fwd:cloudsec via YouTube
NY State-Licensed Certificates in Design, Coding & AI — Online
Learn Backend Development Part-Time, Online
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Learn about a critical cloud security vulnerability through this 35-minute conference talk that exposes the risks of lookalike private IP ranges in cloud environments. Discover how cloud users inadvertently configure Security Groups and VPCs with seemingly internal IP ranges that are actually publicly accessible to US cellular networks and potential attackers. Follow along as the speaker demonstrates purchasing a T-Mobile lookalike private IP address and using it with ProxyChains and NMAP to scan AWS ASN for open services. Explore the CloudHunting framework, a community-driven solution that leverages Sigma rules mapped by MITRE ATT&CK to proactively identify misconfigurations and potential threats in cloud environments.
Syllabus
Unmasking the Subnet Lookalike IP Ranges in Cloud Environments - Asaf Aprozper
Taught by
fwd:cloudsec