This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Friday, October 11 • 3:30pm - 4:30pm
RT-3019 The Power of Wedging

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

This talk presents "wedging" as the strategic insertion of one's presence either along or at the end of a workflow.
The purpose being to passively receive data or enable quiet enumeration of systems and operations.

Two examples:
1. In research at UpGuard, it has been noted that many large enterprises with unique cloud storage bucket names will juggle those names. Meaning they will register and deregister bucket names with the cloud operator fairly often, which is assumed to be necessary due to caps on the number of bucket names per account. This introduces risk if a malicious actor is monitoring the buckets and realizes the pattern of on/off name toggling. A malicious actor could register a bucket with one of the unique names as soon as it is dropped, but before it is re-registered and then enable universal read/write access. This could then cause the enterprise to assume they had internally registered the bucket yet again and lead to data being written to the bucket by them (which, of course the malicious third party could then access). Versioning controlled by the third party prevents deletion/overwrite attempts even if noticed.
2. Shady political organizations have a tendency to quickly deregister domain ownership when one of their sites is caught up in a scandal. By registering the domain (after the previous owners attempt to wash their hands of it quickly), a third party can set up a catch-all email address at that domain. Any mails directed to that domain, from previous political conspirators will land in the new domain owner's catch-all inbox. This also enables the ability to receive password-reset emails for any accounts which utilized the domain as an email address when registering.

Aspects covered will be the concept itself, how malicious actors can exploit it, how defenders can prevent it, as well as options in responding to incidents of wedging being utilized against your organization.

avatar for Chris Vickery

Chris Vickery

Director of Risk Research, UpGuard
Chris is UpGuard's Director of Risk Research. He is cited as a cyber security expert by The New York Times, Forbes, Reuters, BBC, LA Times, Washington Post, and many other publications. In the course of his work Chris has assisted the MPAA, Thomson Reuters, Microsoft, Citrix, AARP... Read More →

tcs pptx

Friday October 11, 2019 3:30pm - 4:30pm CDT
TEXAS BALLROOM - F Track 2 600 E Market St, San Antonio, TX Floor 4