Data Exfiltration in AWS: Part 2 of Series

January 7, 2019 | Tom D'Aquino

Author: Tom D'Aquino

January 7, 2019 | Tom D'Aquino

Data Exfiltration in AWS: Part 2 of Series

In the previous blog in this four-part blog series, we discussed AWS IAM and how it can be compromised to allow for data exfiltration. In this blog we will drill into data exfiltration. One of the more common issues reported on lately involves EC2 instances running data storage services like Elasticsearch and MongoDB, which by default don't have any…

November 28, 2018 | Tom D'Aquino

IAM and Common Abuses in AWS

This is the first of a 4 part blog series on security issues and monitoring in AWS. Identity and Access Management (IAM) in AWS is basically a roles and permissions management platform. You can create users and associate policies with those users. And once those users are established you get set of keys (access key and a secret key), which allow…

Get the latest security news in your inbox.

Subscribe via Email

January 22, 2015 | Tom D'Aquino

0Day Vulnerability in Adobe Flash being exploited by Angler Exploit Kit - What to Do

A few hours ago, a security researcher, Kafeine, spotted an instance of the Angler Exploit Kit which is exploiting an unpatched vulnerability affecting Adobe Flash. It appears that any version of Internet Explorer or Firefox with any version of Windows can be owned if the latest version (16.0.0.287) of Adobe Flash is installed and enabled. Victims of this type of attack…

Watch a Demo ›
Get Price Free Trial