instances

  • Blog
    digitpatrox1 week ago
    23

    whoAMI attacks give hackers code execution on Amazon EC2 instances

    Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. Dubbed “whoAMI,” the attack was crafted by DataDog researchers in August 2024, who demonstrated that it’s possible for attackers to gain code execution within AWS accounts by exploiting how software projects retrieve…

    Read More »
  • Blog
    digitpatroxOctober 30, 2024
    95

    Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

    Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. This week, security researcher DreyAnd disclosed that CyberPanel 2.3.6 (and likely 2.3.7) suffers from three distinct security problems that can result in an exploit allowing unauthenticated remote root access without authentication. Specifically, the researcher…

    Read More »
Back to top button
close