AWS Archives

A conceptual image representing misconfigurations, such as the excessive permissions that IAM-Deescalate helps detect and remediate

51,137

people reacted

IAM-Deescalate: An Open Source Tool to Help Users Reduce the Risk of Privilege Escalation

By Jay Chen
July 25, 2022 at 6:00 AM

6 min. read

A conceptual image representing a vulnerability in the AWS Log4Shell hot patch. It shows a java symbol inside a container with one door open.

62,281

people reacted

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation

By Yuval Avrahami
April 19, 2022 at 3:00 PM

7 min. read

A conceptual image representing cloud misconfigurations, which can often be a vector for attackers such as TeamTNT to perform activities such as enumerating cloud environments.

42,549

people reacted

TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations

By Nathaniel Quist
June 4, 2021 at 6:00 AM

13 min. read

This conceptual image illustrates the concept of cloud providers.

28,271

people reacted

Open Source Tool Release: Gaining Novel AWS Access With EBS Direct APIs

By Michael Bailey
January 12, 2021 at 6:00 AM

6 min. read

A conceptual image illustrating finding vulnerabilities on the web. IAMFinder is a custom open source tool that can help organizations identify information leakage in AWS accounts.

35,495

people reacted

IAMFinder: Open Source Tool to Identify Information Leaked from AWS IAM Reconnaissance

By Jay Chen
November 19, 2020 at 12:00 PM

6 min. read

This conceptual image illustrates some of the security and configuration issues involved with the cloud, such as the issue with AWS resource-based policy APIs discussed here.

46,693

people reacted

Information Leakage in AWS Resource-Based Policy APIs

By Jay Chen
November 17, 2020 at 3:00 AM

6 min. read

The conceptual image illustrates the idea of the risks that misconfigured IAM roles can pose for cloud workloads.

36,058

people reacted

Unit 42 Cloud Threat Report: Misconfigured IAM Roles Lead to Thousands of Compromised Cloud Workloads

By Jay Chen
October 8, 2020 at 6:00 AM

15 min. read

This conceptual image illustrates the role of Cloud Service Providers (CSPs) in cloud security.

28,673

people reacted

Unit 42 Cloud Threat Report: CSP Findings on Logging, Encryption and Exposed Services

By Nathaniel Quist
October 7, 2020 at 6:00 AM

7 min. read

This conceptual image illustrates the concept of misconfigurations in the cloud. IAM misconfigurations are a key concern outlined in the Unit 42 Cloud Threat Report, 2H 2020.

38,758

people reacted

Highlights from the Unit 42 Cloud Threat Report, 2H 2020

By Unit 42
October 6, 2020 at 3:00 AM

3 min. read

27,701

people reacted

Gaining Persistency on Vulnerable Lambdas

By Yuval Avrahami
September 2, 2019 at 6:08 AM

10 min. read

57,285

people reacted

Hunting the Public Cloud for Exposed Hosts and Misconfigurations

By Jay Chen
August 12, 2019 at 6:00 AM

11 min. read

44,493

people reacted

TCP SACK Panics Linux Servers

By Unit 42
June 21, 2019 at 7:30 AM

5 min. read

Posts tagged with: AWS

IAM-Deescalate: An Open Source Tool to Help Users Reduce the Risk of Privilege Escalation

AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation

TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations

Open Source Tool Release: Gaining Novel AWS Access With EBS Direct APIs

IAMFinder: Open Source Tool to Identify Information Leaked from AWS IAM Reconnaissance

Information Leakage in AWS Resource-Based Policy APIs

Unit 42 Cloud Threat Report: Misconfigured IAM Roles Lead to Thousands of Compromised Cloud Workloads

Unit 42 Cloud Threat Report: CSP Findings on Logging, Encryption and Exposed Services

Highlights from the Unit 42 Cloud Threat Report, 2H 2020

Gaining Persistency on Vulnerable Lambdas

Hunting the Public Cloud for Exposed Hosts and Misconfigurations

TCP SACK Panics Linux Servers

Popular Resources

Legal Notices

Account

Trending

Popular Resources

Legal Notices

Account