DEF CON 27 - Finding Secrets In Publicly Exposed EBS Volumes

Date & Time:
Past Event
Speaker:
Default Generic Event Open Graph

Did you know that Elastic Block Storage (Amazon EBS) has a "public" mode that makes your virtual hard disk available to anyone on the internet? Apparently hundreds of thousands of others didn't either, because they're out there exposing secrets for everyone to see.

I tore apart the petabytes of data for you and have some dirty laundry to air: encryption keys, passwords, authentication tokens, PII, you name it and it's here. Whole (virtual) hard drives to live sites and apps, just sitting there for anyone to read. So much data in fact that I had to invent a custom system to process it all.

There's a massive Wall of Sheep out there on the internet, and you might not have even noticed that you're on it. Actually, you should stop reading and go check that out right now.

See Ben Morris present on AWS security at DEF CON 27.


Benjamin morris

About the speaker, Ben Morris

Benjamin Morris is a former Security Associate at Bishop Fox.
More by Ben

Ready to get started? We can help.

Contact Us

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.