Rhino Security Labs Blog

Posted in Cloud Security, Penetration Testing

Penetration Testing in the AWS Cloud: What You Need to Know

Introduction to Penetration Testing in AWS In previous posts, we have covered a range of AWS (Amazon Web Services) security research topics, including attacking S3 buckets and compromising AWS environments. In this article, we’ll be walking through what you need to know when penetration testing your AWS service. Understanding the AWS Cloud AWS offers over […]

Posted in Research

Epson Vulnerability: EasyMP Projector Takeover (CVE-2017-12860 / CVE-2017-12861)

Overview Summary: Epson EasyMP Vulnerabilities As part of a targeted, customized security assessment, the Rhino Security Labs team was tasked with identifying anything which would interfere with a major technology conference. In addition to other areas, this led us to research the security of Epson projectors, and specifically EasyMP – a proprietary screen share and […]

Posted in Cloud Security

Introducing CFire: Evading CloudFlare Security Protections

CloudFlare is a cloud security provider, offering WAF and DDoS services as part of its DNS service. When properly configured, the protections between a user and a CloudFlare-secured site can be an effective way of shielding the true IP addresses of an organization’s internet-facing assets and therefore protect them with CloudFlare’s filtering capabilities. Without the […]

Posted in Penetration Testing

Do I Need a Vulnerability Scan or a Penetration Test?

Vulnerability Assessment versus Penetration Test

Vulnerability scan and penetration test— what do these terms mean and how do they related in a security assessment?  The differences between a scan and pentest are important, but often confused. So what’s the difference between these security assessments and how do they relate? More importantly, which should you consider when assessing your security posture? […]

Posted in Cloud Security

AWS Identity Access Management (IAM): Preventing Common Security Configuration Flaws

AWS Configurations

Many recent high-profile data breaches have resulted from misconfigured AWS Identity and Access Management (IAM) permissions. While AWS is very secure when configured correctly, it is trivial to make a mistake in your configuration that exposes significant data and software systems. It is estimated that some 73% of companies have critical AWS misconfigurations. This article […]

Posted in Cloud Security

OneLogin Breach: Cloud Security and Protecting AWS Keys

AWS Keys

Password management company OneLogin announced last week that an unknown actor compromised secure databases by obtaining a set of AWS keys. This occurrence is especially concerning to security communities who have recommended password managers as a safe alternative to memorized passwords, which are frequently reused and easy to guess. OneLogin CISO Alvaro Hoyos posted Wednesday: […]

Posted in Penetration Testing, Research

Penetration Testing AWS Storage: Kicking the S3 Bucket

AWS Cloud

In our last AWS penetration testing post, we explored what a pentester could do after compromising credentials of a cloud server. In this installment, we’ll look at an Amazon Web Service (AWS) instance from a no-credential situation and specifically, potential security vulnerabilities in AWS S3 “Simple Storage” buckets. After walking through the AWS S3 methodology, […]

Posted in Information Security, Penetration Testing

The Business Case for Penetration Testing Your Network

Penetration Test ROI

There are two vernaculars spoken in every organization: technical and non-technical. Any technical person has experienced the frustration of explaining technical details and why they’re important, just to have a non-technical person stare blankly back at them. It’s no surprise then that conveying the value of a penetration test can fall on deaf ears when […]

Posted in Research

Unitrends Vulnerability Hunting: Remote Code Execution (CVE-2017-7280) – Chapter 2

This is chapter two of a two part series on Remote Code Execution (RCE) vulnerability hunting in Unitrends. Fixes to these bugs are available in the latest Unitrends update. The exploits for the Unitrends vulnerabilities mentioned in this security research series can be found on the Rhino Security GitHub page. In chapter one of this […]

Posted in Research

Unitrends Vulnerability Hunting: Remote Code Execution (CVE-2017-7280) – Chapter 1

This is chapter one of a two part series on Remote Code Execution (RCE) vulnerability hunting in Unitrends. Fixes to these bugs are available in the latest Unitrends update. The exploits for the Unitrends vulnerabilities mentioned in this security research series can be found on the Rhino Security GitHub page. What is Unitrends? Unitrends is […]