BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//fwd-cloudsec-2026//speaker//E9KCK3
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-fwd-cloudsec-2026-J93BTG@pretalx.com
DTSTART;TZID=PST:20260602T093000
DTEND;TZID=PST:20260602T095000
DESCRIPTION:As organizations scale their cloud presence\, the complexity of
  data movement grows exponentially. Modern cloud architectures rely on a "
 configure and forget" approach for streaming sensitive data. But what if t
 he trust established at the moment of configuration is static\, while the 
 cloud environment itself is dynamic?\n\nThis session introduces a novel da
 ta hijacking technique targeting a systematic architectural flaw present a
 cross multiple major cloud providers. Our research reveals a critical deco
 upling between service configurations and resource ownership verification.
  We have identified an attack technique where high-value data streams cont
 inue to honor original routing instructions even when the destination envi
 ronment undergoes fundamental changes in ownership or state.\n\nBy analyzi
 ng multiple services across different cloud ecosystems\, we show that this
  isn't a localized bug\, but a shared architectural blind spot in how clou
 d providers handle resource identity\, making this attack technique releva
 nt for multiple services and multiple cloud providers. \n\nAttendees will 
 gain insight into how fundamental architectural design choices made by clo
 ud providers directly influence the security boundaries of their environme
 nts. A key takeaway is that while cloud platforms are often viewed as dist
 inct ecosystems\, their shared design decisions allow identical attack tec
 hniques to be applied across providers\, turning a specific architectural 
 observation into a cross-cloud exploitation methodology.
DTSTAMP:20260502T113340Z
LOCATION:Room 1
SUMMARY:The Double Trouble: One Architectural Sin\, Two Clouds\, and a Univ
 ersal Attack Technique for Data Hijacking - Yahav Festinger
URL:https://pretalx.com/fwd-cloudsec-2026/talk/J93BTG/
END:VEVENT
END:VCALENDAR