BreakingFormation: Orca Security Research Team Discovers AWS CloudFormation Vulnerability
Orca Security’s vulnerability researcher, Tzah Pahima, discovered a vulnerability in AWS allowing file and credential disclosure of an AWS internal...
Orca Security’s vulnerability researcher, Tzah Pahima, discovered a vulnerability in AWS allowing file and credential disclosure of an AWS internal...
Orca's Research Team discovered a critical vulnerability that could allow an actor to create resources and access data of AWS...
Orca Security asked CEOs, CISOs, and other cyber security leaders across a variety of industries for their advice on how...
In the third part of the Orca Security blog post series about Azure AD and IAM, Roee shares research on...
Update as of December 28, 2021: A new remote code execution (RCE) flaw has been discovered in Log4j 2.17.0, tracked...
Orca Security roundup of Cybersecurity Leaders and Experts: Where should organizations focus their cloud compliance strategies in 2022?
Have you and your security team been working weekends and long days to remediate Log4j2 vulnerabilities? With new Log4j vulnerabilities...
Table of contentsWhat are managed identities?Getting a managed identity access tokenThe known privilege escalation methodMy research objectivesEscalation to managed identities’...
Logs can be used to check for anomalies and give insight into suspected breaches. Flow logs on network watcher {AzureNetworkFlowLog}...