Cloud & Platform Security 17/January/2024 Privilege escalation with IAM on AWS Privilege escalation in AWS consists of having sufficient permissions for administrative access to an organization
Cloud & Platform Security 12/July/2023 The importance of establishing new perimeters surrounding the cloud The addition of Single Points of Access (SOPs) for AWS aims to reduce vulnerability exploitation by using administrative users in AWS
Cloud & Platform Security 14/September/2022 Attacks via Misconfiguration on Kubernetes Orchestrators Kubernetes makes it easy to create, delete, and manage these containers. With just one command, you can replicate the action on all the required containers
Cloud & Platform Security 08/June/2022 Unwanted Permissions that may impact security when using the ReadOnlyAccess policy in AWS With this initial analysis, Tempest researchers identified at least 41 actions that can lead to improper data access
Cloud & Platform Security 25/January/2022 Unauth root account email discovery with AWS organizations From the information previously discovered, it's possible to get equipped with information to carry out the next phases and moves of the attack
Cloud & Platform Security 28/October/2021 Enumerating Services in AWS Accounts in an Anonymous and Unauthenticated Manner In recent research, we adjusted a enumeration technique used for years to map services on a AWS account to just its account id and with unauthenticated form
Cloud & Platform Security 12/March/2021 Good security practices using Docker Security must be considered at all levels of a project, from code development to the infrastructure where it will run.
Cloud & Platform Security 17/January/2024 Privilege escalation with IAM on AWS Privilege escalation in AWS consists of having sufficient permissions for administrative access to an organization
Cloud & Platform Security 12/July/2023 The importance of establishing new perimeters surrounding the cloud The addition of Single Points of Access (SOPs) for AWS aims to reduce vulnerability exploitation by using administrative users in AWS
Cloud & Platform Security 14/September/2022 Attacks via Misconfiguration on Kubernetes Orchestrators Kubernetes makes it easy to create, delete, and manage these containers. With just one command, you can replicate the action on all the required containers
Cloud & Platform Security 08/June/2022 Unwanted Permissions that may impact security when using the ReadOnlyAccess policy in AWS With this initial analysis, Tempest researchers identified at least 41 actions that can lead to improper data access
Cloud & Platform Security 25/January/2022 Unauth root account email discovery with AWS organizations From the information previously discovered, it's possible to get equipped with information to carry out the next phases and moves of the attack
Cloud & Platform Security 28/October/2021 Enumerating Services in AWS Accounts in an Anonymous and Unauthenticated Manner In recent research, we adjusted a enumeration technique used for years to map services on a AWS account to just its account id and with unauthenticated form
Cloud & Platform Security 12/March/2021 Good security practices using Docker Security must be considered at all levels of a project, from code development to the infrastructure where it will run.