Rhino Security Labs

Strategic & Technical Blog

Technical Strategic Technical & Strategic Both
AWS

CVE-2021-38112:
AWS WorkSpaces Remote Code Execution

David Yesland
September 21, 2021

This post details a vulnerability Rhino Security Labs discovered in the AWS WorkSpaces desktop client, tracked as CVE-2021-38112, which allows commands to be executed if a victim opens a malicious WorkSpaces URI from their browser. Rhino…

Read more
AWS

Cloud Malware:
Resource Injection in CloudFormation Templates

Research

CVE-2020-5377: Dell OpenManage Server Administrator File Read

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
API
Application Security
AWS
Azure
Buyer's Guide
Cloud Security
Compliance
Enterprise Security
GCP
Google Cloud
Internet of Things
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
Uncategorized
AWS

Downloading and Exploring AWS EBS Snapshots

Ryan Gerstenkorn

AWS EBS snapshots are static backups of AWS EBS volumes. In other words, they are copies of the disks attached to an EC2 Instance at a specific point in time. EBS snapshots can be copied across regions and accounts, or even downloaded and…

Read more