AWS Cloudgoat and mitigation strategies Part 3 This is part 3 of the series on AWS Cloudgoat Scenarios and the mitigation strategies. In this part, we cover Scenarios 4 and 5: Scenario 4: Privilege escalation via EC2 instance (iam_privesc_by_attachment) Scenario 5: Privilege escalation via SSRF web application exploit...
Read More
AWS Cloudgoat and mitigation strategies Part 2 This is part 2 of the series on AWS Cloudgoat Scenarios and the mitigation strategies. In this part, we cover Scenarios 2 and 3: Scenario 2: Privilege escalation via AWS Lambda (lambda_privesc) Scenario 3: Misconfigured EC2 Reverse Proxy to S3 Breach...
Read More
Introduction As cloud computing is becoming mainstream, the security concerns associated with it has been increasing as well.Most of the public cloud users understand that this is a shared responsibility between the cloud provider and the users as well. According to Gartner, 95% of all cloud security...
Read More
More than 200,000 websites using WordPress with unpatched open-source code snippets allows attackers to take over WordPress sites due to missing referrer checks on the import menu. (Figures are based on the number of active installations in the WordPress Library). Wordfence researchers explained that “The plugin developer...
Read More
The Learning Lab is a premier learning enrichment centre in Singapore that embraces technology to allow interactions between teachers, students, and parents to extend beyond classrooms. WebOrion is an All-in-One Web Security & Performance Suite that fortifies, accelerate and monitor your websites. Built by our...
Read More
WebOrion is used by a global logistics company with headquarters in Singapore to protect and detect website defacement. Delivered in partnership with Trustwave’s Security Operations Centre (SOC) in Singapore, WebOrion equips analysts with the capability to provide continuous website monitoring service with real-time alert upon detection...
Read More