The malicious actor can also lie in AWS
The talk opened with discussing the easy access to tools online that support the compromise of websites. One such tool that was discussed, being Google Dorks. Google Dorks is a tool that allows you to search the web for websites that remain vulnerable to security flaws. You can think of this as a flag over houses that depict if a house’s front door is open.
The talk moved on by showing a live demo of a WordPress website. This website was a fresh install running a photo carousel plugin. Using a Web-Shell the demonstration was able to explain how an attacker could upload files to the host. It was also demonstrated how the same technique could be used as a pivoting point for further attacks.
The talk finally concluded with how Alert Logic services, using 24/7 live protection, would help detect such attacks. He explained that Alert Logic offer an array of services, from: Web Application Firewalls (bundled into their Cloud Defender offering) to an AWS exclusive scanning solution, called Cloud Insight.