
July 1, 2025 37 mins

https://youtu.be/WXdB-9pTqAU


Speaker: Naor Haziz

Naor Haziz is a security researcher and low-level developer at Sweet Security with over seven years of experience in vulnerability research, exploit development, and system internals. He holds a degree in Computer Science and previously served as an officer in the IDF Intelligence Corps, leading a team focused on Windows and Linux security. At Sweet Security, he develops the company’s security sensor, designing and implementing high-performance detection capabilities for cloud environments. His work combines low-level development and cloud security research to improve monitoring, threat detection, and defense mechanisms, ensuring robust protection for modern cloud infrastructures against evolving security threats.

Talk: Hijacking Privileges in the Cloud: Breaking Role Boundaries in Amazon ECS

Modern cloud environments rely on fine-grained identity and access management (IAM) to enforce security boundaries. But what happens when those boundaries break? In our research, we uncovered a vulnerability in an undocumented Amazon ECS protocol that allows a low-privileged role running on an EC2 instance to hijack the IAM privileges of higher-privileged containers on the same machine.

This talk will explore the technical details of this attack and how it exploits shared infrastructure in containerized environments. In addition, we will provide best practices on avoiding role co-location risks, ensuring that high-privilege tasks are never deployed alongside low-privilege workloads in ways that could allow privilege hijacking.
