Director of Research, Lacework Labs
The year is drawing to a close, but we still have a few conferences left! A lot happened this year in Cloud Security. We saw many breaches from misconfigurations to overly permissive policies. We also saw a large focus on securing Cloud Native Technologies for those operating in the public cloud. As we close out the year we have a couple more speaking engagements in November to discuss these topics.
CSA Colorado 2019
On November 7th, 2019, we will be presenting The Hidden War in the Cloud: Attackers Battle for Hijacked Resources. This will be at the CSA-CO 4th Annual Fall Summit in Arvada, CO. During this presentation we discuss the current trends of threat actor groups targeting resources in the cloud. We will give an overview of some of the more notorious groups such as Rocke and 8220 Mining Group. We will then discuss tactics to break in, commence cryptojacking, and eradicate competing groups in the process. For more details on this event check out the website here.
KubeCon North America 2019
Next up after the CSA-CO Fall Summit, is KubeCon North America 2019! We are very excited to be speaking this year. Our talk is titled Prepare to be Boarded! A Tale of Kubernetes, Plunder, and Cryptobooty. You can see it on November 21st at 3:20 PM. Most Kubernetes talks are nautical themed, so it seemed fitting to make this one pirate themed! This talk will be an extension of our talk at DerbyCon 9.0. In it we discuss prior research on misconfigured Kubernetes clusters, attacks we observed in 2019, and connections between these attacks and well known threat actors targeting Cloud Native Technologies.
If we miss you at these events and you would like to learn more please be sure to reach out! Watch our blog for slides and recaps of the events. Follow us on Twitter for the latest updates!