Rhino Security Labs

Technical Blog

Technical Strategic Technical & Strategic Both
AWS

S3 Ransomware Part 2: Prevention and Defense

Spencer Gietzen
June 11, 2019

This is part two in a two-part series on S3 Ransomware. Part One discusses the attack vector of S3 Ransomware and demonstrates a proof of concept.
Note: This post not only discusses defense mechanisms against S3 ransomware, but it also…

Read more
AWS

S3 Ransomware Part 1: Attack Vector

Application Security

NVIDIA GeForce Experience OS Command Injection
CVE-2019-5678

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
API
Application Security
AWS
Azure
Buyer's Guide
Cloud Security
Compliance
Enterprise Security
GCP
Internet of Things
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
Application Security

CVE-2019-0227: Expired Domain to Remote Code Execution in Apache Axis

David Yesland

Apache Axis™ is a Simple Object Access Protocol (SOAP) engine. During a recent red team engagement we came across an install of an old version of Apache Axis, version 1.4. There are now newer versions such as Apache Axis2, Apache CXF, and…

Read more