Logo
Unit42 Logo
  • Tools
  • ATOMs
  • Security Consulting
  • About Us
  • Under Attack?

Category: Cloud

Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)A pictorial representation of the JsonWebToken vulnerability.
75,567
people reacted

Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)

  • By Artur Oleyarsh
  • January 9, 2023 at 6:00 AM

48

7 min. read

PurpleUrchin Bypasses CAPTCHA and Steals Cloud Platform ResourcesA pictorial representation of PurpleUrchin and cryptomining. Included are the Palo Alto Networks and Unit 42 logos.
24,208
people reacted

PurpleUrchin Bypasses CAPTCHA and Steals Cloud Platform Resources

  • By William Gamazo and Nathaniel Quist
  • January 5, 2023 at 6:00 AM

8

10 min. read

Trending

  • Answers to Unit 42 Wireshark Quiz, January 2023 by Brad Duncan
  • Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats by Zhibin Zhang
  • Unit 42 Wireshark Quiz, January 2023 by Brad Duncan
  • Chinese PlugX Malware Hidden in Your USB Devices? by Mike Harbison
Digging Inside Azure Functions: HyperV Is the Last Line of DefenseA pictorial representation of many storage containers stacked together
34,327
people reacted

Digging Inside Azure Functions: HyperV Is the Last Line of Defense

  • By Daniel Prizmant and Aviv Sasson
  • December 15, 2022 at 6:00 AM

8

10 min. read

Compromised Cloud Compute Credentials: Case Studies From the WildA pictorial representation of a cloud breach
44,650
people reacted

Compromised Cloud Compute Credentials: Case Studies From the Wild

  • By Dror Alon
  • December 8, 2022 at 3:00 PM

36

9 min. read

Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web ServerCloud vulnerabilities conceptual image, covering topics such as OpenLiteSpeed vulnerabilities
55,628
people reacted

Unit 42 Finds Three Vulnerabilities in OpenLiteSpeed Web Server

  • By Artur Avetisyan
  • November 10, 2022 at 6:00 AM

8

5 min. read

IAM-Deescalate: An Open Source Tool to Help Users Reduce the Risk of Privilege EscalationA conceptual image representing misconfigurations, such as the excessive permissions that IAM-Deescalate helps detect and remediate
54,185
people reacted

IAM-Deescalate: An Open Source Tool to Help Users Reduce the Risk of Privilege Escalation

  • By Jay Chen
  • July 25, 2022 at 6:00 AM

32

6 min. read

FabricScape: Escaping Service Fabric and Taking Over the ClusterA conceptual image representing container security, including FabricScape, the container escape vulnerability discussed here.
56,621
people reacted

FabricScape: Escaping Service Fabric and Taking Over the Cluster

  • By Aviv Sasson
  • June 28, 2022 at 4:30 PM

38

10 min. read

A Look Into Public Clouds From the Ransomware Actor's PerspectiveA conceptual image representing cloud service providers. So far, ransomware in public clouds is rare, partly due to the attention cloud service providers pay to securing their infrastructure.
36,810
people reacted

A Look Into Public Clouds From the Ransomware Actor's Perspective

  • By Jay Chen
  • May 16, 2022 at 6:00 AM

27

14 min. read

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege EscalationA conceptual image representing a vulnerability in the AWS Log4Shell hot patch. It shows a java symbol inside a container with one door open.
68,346
people reacted

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation

  • By Yuval Avrahami
  • April 19, 2022 at 3:00 PM

64

7 min. read

Gaining Visibility Within Container ClustersA conceptual image representing containers, including the K8s clusters discussed here.
29,828
people reacted

Gaining Visibility Within Container Clusters

  • By Nathaniel Quist
  • April 15, 2022 at 6:00 AM

28

10 min. read

IAM Your Defense Against Cloud Threats: The Latest Unit 42 Cloud Threat ResearchA conceptual image representing defense against cloud threats
45,289
people reacted

IAM Your Defense Against Cloud Threats: The Latest Unit 42 Cloud Threat Research

  • By Unit 42
  • April 12, 2022 at 3:00 AM

60

5 min. read

2022 Unit 42 Ransomware Threat Report Highlights: Ransomware Remains a Headliner2022 Unit 42 Ransomware Threat Report cover art
47,800
people reacted

2022 Unit 42 Ransomware Threat Report Highlights: Ransomware Remains a Headliner

  • By Unit 42
  • March 24, 2022 at 3:00 AM

38

5 min. read

Container Escape to Shadow Admin: GKE Autopilot VulnerabilitiesA conceptual image representing Kubernetes security, including the GKE Autopilot vulnerabilities discussed here, which, before fixed, could have allowed for container escape leading to a shadow administrator.
45,325
people reacted

Container Escape to Shadow Admin: GKE Autopilot Vulnerabilities

  • By Yuval Avrahami
  • March 8, 2022 at 6:00 AM

33

14 min. read

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?A conceptual image representing container security issues, such as CVE-2022-0492, the Linux vulnerability discussed here.
81,164
people reacted

New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?

  • By Yuval Avrahami
  • March 3, 2022 at 10:00 AM

50

9 min. read

Observing Attacks Against Hundreds of Exposed Services in Public CloudsA conceptual image representing misconfigurations in the cloud, including insecurely exposed services.
56,567
people reacted

Observing Attacks Against Hundreds of Exposed Services in Public Clouds

  • By Jay Chen
  • November 22, 2021 at 12:00 PM

43

7 min. read

Popular Resources

  • Resource Center
  • Blog
  • Communities
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Terms of Use
  • Documents

Account

  • Manage Subscriptions
  •  
  • Report a Vulnerability

© 2023 Palo Alto Networks, Inc. All rights reserved.