Checklist
Cloud Penetration Testing Checklist – 2024
Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code.Cloud computing is the shared responsibility of the...
Cloud
TeamTNT Hackers Attacking VPS Servers Running CentOS
TeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded a malicious script that disables security, deletes logs, and modifies...
Cloud
CloudSOC – An OpenSource Project for SOC & Security Analysts
Security Operations Centers (SOCs) and security analysts are under immense pressure to stay ahead of potential attacks.Enter CloudSOC, an open-source project designed to...
Cloud
Hackers Exploited Digital Advertising Tools to Launch Malicious Campaigns
Cybersecurity researchers from Mandiant and Google Cloud have uncovered a sophisticated scheme where hackers exploit digital advertising tools to conduct malicious campaigns.These tools, originally...
Cloud
Hackers Abusing Google Cloud For Phishing
Threat actors often attack cloud services for several illicit purposes. Google Cloud is targeted due to its extensive and powerful resources, which could be...
Bug Bounty
New TE.0 HTTP Request Smuggling Flaw Impacts Google Cloud Websites
HTTP Request Smuggling is a flaw in web security that is derived from variations in the way different web servers or intermediaries, such as...
Cloud
Cloud-Based Malware Attack Abusing Google Drive & Dropbox
A phishing email with a malicious zip attachment initiates the attack. The zip contains a single executable disguised as an Excel file using Left-To-Right...
Cloud
Critical Memory Corruption In Cloud Logging Infrastructure Enables Code Execution Attack
Fluent Bit, a widely used open-source data collector and processor, has been found to have a major memory loss flaw.Many big cloud providers use...
Cloud
New LLMjacking Used Stolen Cloud Credentials to Attack Cloud LLM Servers
Researchers have identified a new form of cyberattack termed "LLMjacking," which exploits stolen cloud credentials to hijack cloud-hosted large language models (LLMs).This sophisticated attack...
Cloud
Attackers Leverage Sidecar Container Injection Technique To Stay Stealthy
Kubernetes (K8s) is an open-source container orchestration platform designed to automate application container deployment, scaling, and running. Containers are isolated software packages that are lightweight...
Cloud
Ahoi Attacks – New Attack Breaking VMs With Malicious Interrupts
Ahoy, which is often associated with communicating to ships, has now been playfully adopted in pirate language.We coin 'Ahoi,' an anagram of 'Iago,'...