Resource policies lacked a way of restricting service access to only your
own account, allowing an attacker to leverage a service to potentially access
your resources. Originally discovered by Dan ...
Wed, Nov 28th, 2018
Attackers had put malicious AMIs in the marketplace to abuse the CLI''s
way of selecting what AMI to use. Although the concept of planting malicious
AMIs had existed for a while (ex. in the 2009 p...
Mon, Aug 13th, 2018
Patrick Hudak demonstrated possible subdomain takeover using the Traffic Manager in Azure.
Fri, Aug 10th, 2018