Upon blocking a request, GCP Org policy constraints were logging the deny
logs in Principal''s project and the blocking project. An attacker could use those
logs to exfiltrate any data, by making r...
Wed, Sep 22nd, 2021
If a user with AWS WorkSpaces 3.0.10-3.1.8 installed visits a page in their
web browser with attacker controlled content, the attacker can get zero click
RCE under common circumstances.
Tue, Sep 21st, 2021
Convincing a victim to click a specially crafted link would allow the attacker
to bypass the Identity-Aware Proxy (a core component of BeyondCorp).
Fri, Sep 17th, 2021