防御 JavaGhost：防止云环境遭受网络攻击.pdf

《防御 JavaGhost：防止云环境遭受网络攻击.pdf》由会员分享，可在线阅读，更多相关《防御 JavaGhost：防止云环境遭受网络攻击.pdf（19页珍藏版）》请在三个皮匠报告上搜索。

1、 2025 Palo Alto Networks,Inc.All rights reserved.Proprietary and confidential information.2025 Palo Alto Networks,Inc.All rights reserved.Proprietary and confidential information.Defending AgainstJavaGhostPreventing Abuse of Your Cloud Environments for Cyber AttacksOctober 2025Margaret Kelley 2025 P

2、alo Alto Networks,Inc.All rights reserved.Proprietary and confidential information.IntroductionJavaGhost TTPsDetecting JavaGhostAgendaJavaGhost backgroundProtecting against JavaGhost 2025 Palo Alto Networks,Inc.All rights reserved.Proprietary and confidential information.ExperiencePalo Alto Networks

3、 Unit 42 Principal Cloud Incident ResponderSecurian Financial Cybersecurity and cloud engineeringPublications and SpeakingBlack Hat USA Presenter 2023re:Inforce 2025Threat Vector Podcast guest episode 49Unit 42 Blog publications:Cloud Logging for Security and BeyondJavaGhosts Persistent Phishing Att

4、acks From the CloudBling Libras Tactical Evolution:The Threat Actor Group Behind ShinyHunters RansomwareLeaked Environment Variables Allow Large-Scale Extortion Operation in Cloud EnvironmentsMuddled Libras Evolution to the CloudWhen a Zero Day and Access Keys Collide in the Cloud:Responding to the

5、SugarCRM Zero-Day VulnerabilityCertifications:GCFR,GSEC,GCIH,GCFA,GBFAIntroduction 2025 Palo Alto Networks,Inc.All rights reserved.Proprietary and confidential information.2025 Palo Alto Networks,Inc.All rights reserved.Proprietary and confidential information.JavaGhost Background 2025 Palo Alto Net

6、works,Inc.All rights reserved.Proprietary and confidential information.2025 Palo Alto Networks,Inc.All rights reserved.Proprietary and confidential information.JavaGhost BackgroundIndustryVariousThreat ActorJavaGhostTypeCloudTacticsExposed credential access,sophisticated persistence,resource abuse,p