GuardDuty detected CloudTrail being outright disabled, but did not detect if an attacker with the
necessary permissions filtered out all events from CloudTrail via PutEventSelectors, resulting in
Thu, Apr 23rd, 2020
Google Cloudshell leveraged websockets without validating that the origin matched the current instance host.
An attacker could therefore host a CSWSH attack on a Cloudshell instance they own, disab...
Wed, Mar 11th, 2020
A Vulnerability in App Service could allow an unprivileged function run by the user to execute code in the
context of NT AUTHORITY\system, thereby escaping the sandbox. This vulnerability allowed ...
Thu, Jan 30th, 2020