Log in or Sign up

Cloud AV Can Serve as an Avenue for Exfiltration

Discussion in 'other security issues & news' started by ronjor, Jul 16, 2017.

ronjor Global Moderator

Joined:

Jul 21, 2003

Posts:

164,614

Location:

Texas

Ericka Chickowski 7/14/2017

Black Hat USA researchers show how bad guys can use cloud AV connections to bypass air-gaps and extremely segmented networks to keep stolen data flowing.
Click to expand...

ronjor, Jul 16, 2017

#1
itman Registered Member

Joined:

Jun 22, 2010

Posts:

8,593

Location:

U.S.A.

Not surprised by this in that any external connection can be hijacked given certain conditions exist.

These results should be interesting:

Klein and Kotler plan to also release at Black Hat a tool to carry out their new technique, and they'll offer evidence about how a number of prominent AV products fared against the new attack.
Click to expand...

Last edited: Jul 16, 2017

itman, Jul 16, 2017

#2
Rasheed187 Registered Member

Joined:

Jul 10, 2004

Posts:

17,579

Location:

The Netherlands

I really wonder what the attack will look like. Perhaps they simply inject code into the Cloud AV? But yes, I've always said it's a bad idea to give AV's unrestricted access to the cloud.

Rasheed187, Jul 22, 2017

#3
imdb Registered Member

Joined:

Nov 2, 2011

Posts:

4,208

oh snap. back to signature based av's?

imdb, Jul 22, 2017

#4

(You must log in or sign up to reply here.)

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn More...