
How to find vulnerable log4j instances across your AWS EC2 instances
A guide to help you discover vulnerable Log4j packages across multiple Linux machines using scripting and the AWS SSM to run commands remotely
Knowing all the public IP addresses across different services within AWS is a good way to start understanding what an organisation's attack footprint looks like. This article describes fetching this information using both the web console and the CLI.
Last week a vulnerability affecting one of the most common logging packages in Java, Log4j, was made public, complete with exploit code. The vulnerability has a critical severity rating of 10. Successful exploitation allows very uncomplicated remote command execution over the Internet without requiring any authentication, resulting in a complete compromise of data and system confidentiality, integrity and availability. This blog post explains the detection methods, exploitation techniques and mitigation instructions for the vulnerability.
The MITRE ATT&CK framework provides a knowledge base of adversary tactics and techniques. In this post, we see how Microsoft applied the attack matrix to K8S.
This is the fifth part of a nine-part series on the MITRE ATT&CK framework for Kubernetes, covering the Defense Evasion tactic with examples.
This is the eighth part of a nine-part series on the MITRE ATT&CK framework for Kubernetes, covering the Lateral Movement tactic with examples.