
An Attacker's Approach to Pentesting IBM Cloud - fwd:cloudsec 2021
A walkthrough of the slides presented during the fwd:cloudsec 2021 conference with details of findings and observations across different resources within the IBM cloud platform.
Elastic IP addresses are static public IPv4 addresses provided by AWS. They can be easily moved or re-associated between instances and Elastic Network Adapters and hence are a choice for many users for their public-facing applications. This article shares 5 tips that one can consider when working with Elastic IPs.
Google Cloud Armor has a documented limitation related to the maximum size of an HTTP POST request body the service is able to inspect and block. Attackers can use this limitation to bypass the protection provided by Cloud Armor and potentially exploit vulnerabilities that may be present in an underlying web application. This article will take you through how Cloud Armor rules can be configured to appropriately mitigate the risk due to the limitation.
GCP provides various ways by which you can SSH to a Linux compute instance, especially useful when you have firewall rules preventing external access. This article shows the 5 ways to connect to a GCP VM instance using SSH.
Last week a vulnerability affecting the most common logging package in Java, Log4j, was made public, complete with exploit code. The vulnerability carries a critical severity rating of 10. Successful exploitation allows for very uncomplicated remote command execution over the Internet without requiring any authentication, resulting in a complete compromise of data and system confidentiality, integrity and availability. This blog post explains the detection methods, exploitation techniques and mitigation instructions for the vulnerability.