go-witness is Vulnerable to Improper Verification of AWS EC2 Identity Documents

Impact This vulnerability only affects users of the AWS attestor. Users of the AWS attestor could have unknowingly received a forged identity document. While this may seem unlikely, AWS recently issued a security bulletin about IMDS Instance Metadata Service impersonation.^1 There are multiple...

Daas unable to create host connection with error: "URL invalid"

Unable to create a host connection to AWS EC2 and on-premises hypervisors XenServer, VMWare, etc. with invalid URL or authentication failure when a proxy has been configured for the Network Service account...

Ladder v0.0.21 - Server-side request forgery Vulnerability

Exploit Title: Ladder v0.0.21 - Server-side request forgery SSRF Date: 2024-01-20 Exploit Author: @chebuya Software Link: https://github.com/everywall/ladder Version: v0.0.1 - v0.0.21 Tested on: Ubuntu 20.04.6 LTS on AWS EC2 ami-0fd63e471b04e22d0 CVE: CVE-2024-27620 Description: Ladder fails to...

Ladder 0.0.21 Server-Side Request Forgery

Exploit Title: Ladder v0.0.21 Server-side request forgery SSRF Date: 2024-01-20 Exploit Author: @chebuya Software Link: https://github.com/everywall/ladder Version: v0.0.1 - v0.0.21 Tested on: Ubuntu 20.04.6 LTS on AWS EC2 ami-0fd63e471b04e22d0 CVE: CVE-2024-27620 Description: Ladder fails to app...

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations

A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services AWS Elastic Compute Cloud EC2 instances to carry out illicit crypto mining operations. Cloud security company's Permiso P0 Labs, which first detected the group in November 2021, has assigned...

Threat Actors Target AWS EC2 Workloads to Steal Credentials

We found malicious samples attempting to steal Amazon Elastic Compute Cloud EC2 Workloads' access keys and tokens via typosquatting and the abuse of legitimate tools...

Metabadger - Prevent SSRF Attacks On AWS EC2 Via Automated Upgrades To The More Secure Instance Metadata Service V2 (IMDSv2)

Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 IMDSv2. Metabadger Purpose and functionality Diagnose and evaluate your current usage of the AWS Instance Metadata Service along with understanding how the service works Prepare you to upgrade t...

8x8: Subdomain takeover of ████.jitsi.net

Summary █████.jitsi.net points to an AWS EC2 instance at 18.195.93.116 that no longer exists. I was able to take control of this IP address and run my own EC2 instance. I can now serve content on this domain, obtain a TLS certificate for this domain, etc. If any customers or servers are pointing ...

Zomato: Subdomain takeover of fr1.vpn.zomans.com

Summary fr1.vpn.zomans.com points to an AWS EC2 instance at 52.47.57.107 that no longer exists. I was able to take control of this IP address and run my own EC2 instance. I can now serve content on this domain, obtain a TLS certificate for this domain, etc. If any customers or servers are pointin...

Zego: Subdomain takeover of v.zego.com

Summary v.zego.com points to an AWS EC2 instance at 52.214.138.192 that no longer exists. I was able to take control of this IP address and run my own EC2 instance. I can now serve content on this domain, obtain a TLS certificate for this domain, etc. If any customers or servers are pointing to...

Palo Alto Software: Subdomain takeover of www2.growasyouplan.com

Summary www2.growasyouplan.com points to an AWS EC2 instance at 67.202.62.93 that no longer exists. I was able to take control of this IP address and run my own EC2 instance. I can now serve content on this domain, obtain a TLS certificate for this domain, etc. If any customers or servers are...

Chameleon - Customizable Honeypots For Monitoring Network Traffic, Bots Activities And Username\Password Credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres And MySQL)

Customizable honeypots for monitoring network traffic, bots activities and username\password credentials DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET and Postgres and MySQL Grafana Interface NMAP Scan Credentials Monitoring General Features Modular...

Logitech: SSRF allows reading AWS EC2 metadata using "readapi" variable in Streamlabs Cloudbot

Detailed summary is provided by the hacker below. Summary: Streamlabs Cloudbot is a customisable chatbot provided by Streamlabs which allows the creation of custom commands along with custom responses. These chat responses can take in "Variables" wrapped in curly brackets as documented in...

Helium: SSRF By adding a custom integration on console.helium.com

A Server Side Request Forgery vulnerability was found in the Add a custom Integration feature on console.helium.com. By creating a custom HTTP integration, and setting the integration endpoint to http://169.254.169.254/latest/meta-data private meta-data from the AWS EC2 instance running can be...

Amazon Linux 2 : kernel (ALAS-2019-1222) (SACK Panic) (SACK Slowness)

CVE-2019-11477 , CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux 2 AMIs as available in AWS EC2 already contain these kernels and are not...

Critical: kernel

Issue Overview: CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux AMIs as available in AWS EC2 already contain these kernels...

Omise: SSRF in webhooks leads to AWS private keys disclosure

Vulnerability Summary Omise makes use of Amazon AWS as their application environment. Due to a vulnerability in the way webhooks are implemented, an attacker can make arbitrary HTTP/HTTPS requests from the application server and read their responses. This is known as a server-side request forgery...

Authorization Bypass

openstack-keystone is vulnerable to authorization bypass. This is due to the way users are removed from tenants when using Amazon EC2 credentials. Users retain privileges after being removed from tenants and will still be able to access resources which would have not been permitted...

Imperva and Amazon Partner to Help Mitigate Risks Associated With Cloud Migration

Helping our customers reduce the risks associated with migrating to the cloud, and preventing availability and security incidents, has been a major development focus for Imperva over the last several years. Why the partnership matters Although cloud service providers take a host of IT management...

Qualys Cloud Platform 2.34.1 New Features

This release of the Qualys Cloud Platform version 2.34.1 includes updates and new features for Cloud Agent & AWS EC2 Connector, AssetView, CloudView, and Security Assessment Questionnaire, highlights as follows. Cloud Agent & AWS EC2 Connector Automatic Merge of Cloud Agents running in Amazon Web...