Jimmy Su is currently a cybersecurity researcher at CyCraft. He is also a graduate student in Information Security at NTHU. He specializes in AD and AAD security and holds professional certifications in eJPT and CRTO. He has been a speaker at SECCON, government sectors, and academic institutions.
This session will focus on cloud and on-premises hybrid attacks, adopting the perspective of attackers. It will explore the scenario where, after breaching a corporate network, the attacker is unable to obtain valid credentials for lateral movement on-premises. Nevertheless, they can still employ techniques such as Pass the PRT to vertically penetrate into the corporate cloud. Furthermore, by abusing mechanisms like Cloud Kerberos Trust and Hybrid Device Join, especially after gaining cloud admin privileges through privilege escalation tactics, the attacker can inversely breach into the corporate on-premises network.
CYBERSEC 2024 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy 。