Michael Pogrebisky
Michael Pogrebisky has more than 20 years of experience in the technology industry where he has served in multiple technical capacities such as solution architect, software developer, technical advisor, and researcher.

Mr. Pogrebisky prides himself on being a creative out-of-the-box thinker and enjoys challenging himself to learn new technologies. One of his favorite professional challenges was serving as the Chief Technologist for the Application Lifecycle Management group at HP Software. Michael holds a degree in Computer Sciences from the prestigious Technion, the Israel Institute of Technology and currently resides in Melbourne, Australia.

Serverless Infections - Malware Just Found a New Home
Technical Level (3 being the highest score): 2

With Lambda by Amazon, Cloud function by Google, and Azure functions by Microsoft, we will definitely be seeing more and more organizations leveraging the advantages introduced by serverless computing. But what does serverless computing entail when it comes to security? With no dedicated server, is the risk higher or lower? Maybe it’s just different. Can malware live inside the code?

Following serverless attack ideas discussed by Rich Jones, we challenged our research team to implement the first-ever RCE (Remote Code Execution) attack in serverless environments that is both stored and viral. Using Amazon’s Lambda as our first test subject, we were able to build a PoC where we show how information extraction and exfiltration is done. We also demonstrated how the payload persists and can be injected into other non-vulnerable functions. We then went ahead and tested to see if the same would work on Azure and Google Cloud.

Join us to:
• Learn how we built self-duplicating attacks that can survive persistently within the code.
• Watch a step by step demonstration of how we infiltrated, infected, and exfiltrated data from a platform running on a serverless environment.

Presentation video can be found HERE