Under certain conditions, an attacker can flood DHCP packets to the victim
VM, allowing it to impersonate the Metadata server, and grant themselves SSH access.
Fri, Jun 25th, 2021
An adversary could gain access to IAM credentials in a victim's account, and make an API request to Elastic Beanstalk (even if they didn't have the proper IAM permissions). This request would be di...
Thu, Jun 3rd, 2021
Azure forces the install of an agent on Linux VMs, which contained a vulnerability
that would grant root RCE if an attacker could send a web request to them. Initially,
Microsoft did not update the...
Tue, Jun 1st, 2021