DeepSec Video: Continuous Intrusion – Why CI Tools Are an Attacker’s Best Friends

René Pfeiffer/ February 24, 2016/ Conference, Security

Software development has made tremendous progress in the past decades. Tools to develop and to deploy applications have evolved. The trouble is that these tools often lack security design. Attacking software distribution channels such as update servers, package managers, and ISO downloads have been discussed widely in the past. What about the new kids on the bloc? Continuous Integration (CI) tools provide excellent attack surfaces due to no/poor security controls, the distributed build management capability and the level of access/privileges in an enterprise. At DeepSec 2015 Nikhil Mittal looked at the CI tools from an attacker’s perspective, using them as portals to get a foothold in a target’s network and for lateral movement. He showed how to execute attacks like command and script execution, credentials stealing, and privilege escalation; how to not only compromise the

Read More