Tag: cloudsecurity

Last week a vulnerability affecting the most common logging packages in Java, Log4j, was made public, complete with exploit code. The vulnerability is rated with a critical severity rating of 10. Successful exploitation allows for a very uncomplicated remote command execution without requiring any authentication over the Internet resulting in a complete compromise of data and system confidentiality, integrity and availability. This blogpost explains the detection methods, exploitation techniques and mitigation instructions of the vulnerability.

An AWS ELB with HTTP Desync mitigation mode set to **monitor** could allow a class of HTTP desynchronization attacks against the web server behind the Load Balancer. This article provides a step by step guide on how you can check and update the HTTP Desync mitigation mode for your ELB to a more secure option using AWS CLI.

An AWS ELB with HTTP Desync mitigation mode set to **monitor** could allow a class of HTTP desynchronization attacks against the web server behind the Load Balancer. This article provides a step by step guide on how you can check and update the HTTP Desync mitigation mode for your ELB to a more secure option.

This academy article provides hands-on guidance on how to setup AWS CLI on Linux. Follow the steps in this article to set up AWS CLI

IAM password policies can be used to enforce minimum password length to ensure password complexity. This article provides the step by step guide on how you can update your IAM password policy using AWS CLI.

IAM password policies can be used to enforce minimum password length to ensure password complexity. This article provides the step by step guide on how you can update your IAM password policy in AWS.