Rhino Security Labs

Strategic & Technical Blog

Abusing VPC Traffic Mirroring in AWS

Spencer Gietzen

There are many reasons that a person might want to monitor the network traffic in a cloud environment–for both offensive and defensive purposes. Passive network inspection can be difficult in the cloud and would previously require…

Exploiting AWS ECR and ECS with
the Cloud Container Attack Tool (CCAT)

Bypassing IP Based Blocking with AWS API Gateway

The Capital One Breach
& “cloud_breach_s3” CloudGoat Scenario

Jeffrey Anderson

Cloud security, specifically AWS security, is once again in the news. This time it’s a major breach at banking giant Capital One. With 100 million customers affected, it ranks as one of the largest data breaches to date. Capital One now…