Skoudis explained that domain fronting is used by attackers to hide command locations and traces of trade secrets being compromised. Domain fronting allows the functionality of a cloud content delivery network to be spoofed to trick systems into trusting it. To limit the risk of domain compromise, Skoudis advises companies not to blindly trust traffic (both outgoing and incoming) to their cloud providers.
3. Personalized targeted attacks
Heather Mahalik, a senior lecturer at the SANS Institute, warned of the growing risk of targeted attacks. These are designed to gain access to a user’s information through a number of egypt mobile database mechanisms, including by analyzing the data they leave online (social networks, instant messengers, databases) in plain text. Pinpoint monitoring allows hackers to gain access to user accounts. “Many people are too lazy to care about their privacy, but if they looked at the vastness of the Internet, they would be horrified at how much they have revealed about themselves,” she said. Mahalik suggests that users review their cloud settings across various cloud resources and take steps to limit access to personal information.
4. DNS information leak
Johannes Ulrich, Vice-Rector for Academic Affairs and Research at the SANS Institute, emphasized that information that passes through DNS gateways is not protected by default, which opens up the possibility for a potential attacker to view the traffic and understand where it is going. The problem of DNS information leakage can be solved by encrypting DNS traffic over HTTPS. According to Ulrich, this approach also makes it more difficult to detect attackers on the network.
- Board index
- All times are UTC
- Delete cookies
- Contact us