Rhino Security Labs

Strategic & Technical Blog

Cloud Malware:
Resource Injection in CloudFormation Templates

Ryan Gerstenkorn
August 4, 2021

As a process, CloudFormation deployments are modular, with the template upload being a distinct step from the deployment itself. Templates can be made through the web console or through 3rd party tools, but as CloudFormation is an AWS-…

CVE-2020-5377: Dell OpenManage Server Administrator File Read

Downloading and Exploring AWS EBS Snapshots

CloudGoat ECS_EFS_Attack Walkthrough

Sebastian Mora

Cloudgoat is a tool that can build vulnerable Capture-the-Flag style AWS environments to help security assessors learn about AWS security and AWS vulnerabilities. This walkthrough will cover the CloudGoat attack simulation “ecs_efs_attack…