Rhino Security Labs

Strategic Blog

RCE to IAM Privilege Escalation in GCP Cloud Build

Spencer Gietzen

We have previously released a lot of research around Identity & Access Management (IAM) privilege escalation in AWS (last post here).  Very similar, this blog will focus on a feature of Google Cloud Platform (GCP) that might allow for…

The Capital One Breach
& “cloud_breach_s3” CloudGoat Scenario

Escalating AWS IAM Privileges with an
Undocumented CodeStar API

S3 Ransomware Part 2: Prevention and Defense

Spencer Gietzen

This is part two in a two-part series on S3 Ransomware. Part One discusses the attack vector of S3 Ransomware and demonstrates a proof of concept.
Note: This post not only discusses defense mechanisms against S3 ransomware, but it also…