Rhino Security Labs

Technical Blog

Technical Strategic Technical & Strategic Both
AWS

AWS Privilege Escalation – Methods and Mitigation

Spencer Gietzen
June 19, 2018

At Rhino Security Labs, we do a lot of penetration testing for AWS architecture, and invest heavily in related AWS security research.  This post will cover our recent findings in new IAM Privilege Escalation methods – 17 in total –…

Read more
Application Security

SleuthQL: A SQL Injection Discovery Tool

Application Security

Authenticated File Read Vulnerability in JasperReports
(CVE-2018-5430)

Sign up for our Newsletter

Categories
Clear Selection
Application Security
AWS
Azure
Buyers Guide
Cloud Security
Compliance
Enterprise Security
Internet of Things
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
Application Security

Exploiting ShoreTel Communicator through Situational Awareness

Dwight Hohnstein

Recently, the Rhino Security Labs team was tasked with an internal network assessment for an environment which ran a predominantly Windows environment. There are some bells that go off immediately in an assessor’s mind when within a…

Read more