Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames
Microsoft Azure offers a diverse range of services that empower organizations with convenient and scalable cloud infrastructure solutions. However, even...
The Orca Research Pod recently discovered a total of 8 important Cross-Site Scripting (XSS) vulnerabilities within various Apache services on...
In Azure environments, guest users are the go-to option when giving access to a user from a different tenant. Often,...
Bad.Build is a critical design flaw discovered by the Orca Research Pod in the Google Cloud Build service that enables...
Although it’s always preferable to prevent security incidents before they occur, it’s only a matter of time before an attacker...
The state of cloud security is a dynamic and ever-evolving landscape, as both attackers and defenders continuously adapt their tactics...
Here at Orca Security, our team of cloud researchers are continually pushing the cloud security limits to ensure that we...
We're excited to announce the release of our new free community cloud security tool IAM AWS Policy Evaluator (IAM APE),...
Wait, did you say ‘Cross-Cloud Provider Attacks’? Yes, this is actually a growing type of attack path: As organizations increasingly...