Rhino Security Labs

Strategic Blog

Technical Strategic Technical & Strategic Both
Network Security

AWS IAM Privilege Escalation – Methods and Mitigation

Spencer Gietzen

At Rhino Security Labs, we do a lot of penetration testing for AWS architecture, and invest heavily in related AWS security research.  This post will cover our recent findings in new IAM Privilege Escalation methods – 21 in total –…

Read more
Network Security

Penetration Testing AWS Storage: Kicking the S3 Bucket

Network Security

The Business Case for Penetration Testing Your Network

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
Application Security
AWS
Azure
Buyer's Guide
Cloud Security
Compliance
Enterprise Security
GCP
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
Network Security

Operation OwnedCloud: Exploitation and Post-exploitation Persistence

Benjamin Caudill

For a recent engagement, Rhino Security Lab’s was recruited to assess an internal network whose predominant operating system was Windows. After running tertiary scans and audits, nothing seemed to jump out at us besides an open OwnCloud…

Read more