Cloud Persistence: Self-Service Password Reset Exploited! #shorts

BSides Frankfurt · 0:37 · 102 views · Published 2026-04
About this talk
Attackers exploit cloud self-service password resets by updating recovery info. Investigators might miss this, giving threat actors persistent account access. A hidden persistence method. #CloudSecurity #PasswordReset #ThreatActor #PersistenceTechnique
Transcript [en]

That's a completely different story, right? And we also say security in for here which we didn't really cover with a print screen, but that is a I think underappreciated persistence technique in the cloud, which is, you know, you have this self-service password reset functionality, and usually you have to have like different factors to do that, and it can be like an alternative email, a phone number, and so on. Um for persistence, the threat actor can update that, and when they want to get back into the account, maybe the investigator forgot to see that those are updated, so they still have control over the account, right? Cuz they can just reset the password.
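The check the speaker says investigators forget, sketched as an added example that is not from the talk: replay an account's recovery-method changes and list any method added during the compromise window that is still registered after the password reset. The event schema, field names and sample events are constructed and provider-neutral; map them to your identity provider's audit log.

```python
from datetime import datetime

# Constructed audit events in a hypothetical schema (not any provider's real format).
EVENTS = [
    {"ts": "2026-03-01T09:00:00", "user": "alice", "op": "add", "kind": "phone", "value": "+49-555-0100"},
    {"ts": "2026-03-10T02:14:00", "user": "alice", "op": "add", "kind": "email", "value": "recovery@example.net"},
    {"ts": "2026-03-10T02:15:00", "user": "alice", "op": "remove", "kind": "phone", "value": "+49-555-0100"},
    {"ts": "2026-03-10T02:16:00", "user": "alice", "op": "add", "kind": "phone", "value": "+49-555-0199"},
    {"ts": "2026-03-10T02:20:00", "user": "alice", "op": "remove", "kind": "phone", "value": "+49-555-0199"},
    {"ts": "2026-03-12T10:00:00", "user": "alice", "op": "password_reset", "kind": None, "value": None},
]


def review_recovery_info(events, user, window_start, window_end):
    """Replay recovery-method changes for one account.

    Returns (suspect_still_active, legit_removed):
      suspect_still_active: methods added inside the compromise window and
        never removed; a password reset alone leaves these usable.
      legit_removed: pre-existing methods removed inside the window, which
        the real owner may need restored.
    """
    start = datetime.fromisoformat(window_start)
    end = datetime.fromisoformat(window_end)
    active = {}          # (kind, value) -> True if it was added inside the window
    legit_removed = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if e["user"] != user or e["op"] not in ("add", "remove"):
            continue     # password resets and other users do not change the method set
        in_window = start <= datetime.fromisoformat(e["ts"]) <= end
        key = (e["kind"], e["value"])
        if e["op"] == "add":
            active[key] = in_window
        else:
            # A method with no logged "add" predates the log; treat it as pre-existing.
            added_in_window = active.pop(key, False)
            if in_window and not added_in_window:
                legit_removed.append(key)
    suspect_still_active = sorted(k for k, flagged in active.items() if flagged)
    return suspect_still_active, legit_removed


if __name__ == "__main__":
    # Window: first suspicious sign-in to containment (constructed timestamps).
    print(review_recovery_info(EVENTS, "alice", "2026-03-10T02:00:00", "2026-03-12T10:00:00"))
```

In the sample data the password reset on 2026-03-12 leaves the recovery email added during the window in place, which is the condition the transcript warns about.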