Rhino Security Labs

Strategic & Technical Blog

Technical Strategic Technical & Strategic Both
Cloud Security

The Capital One Breach
& “cloud_breach_s3” CloudGoat Scenario

Jeffrey Anderson
August 4, 2019

Cloud security, specifically AWS security, is once again in the news. This time it’s a major breach at banking giant Capital One. With 100 million customers affected, it ranks as one of the largest data breaches to date. Capital One now…

Read more
Cloud Security

AWS IAM Privilege Escalation – Methods and Mitigation – Part 2

Cloud Security

Exploring the Power of Phished Persistent Cookies in AWS

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
API
Application Security
AWS
Azure
Buyer's Guide
Cloud Security
Compliance
Enterprise Security
GCP
Internet of Things
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
Cloud Security

CloudGoat Official Walkthrough Series: “rce_web_app”

Jeffrey Anderson
July 9, 2019

We at Rhino Security Labs recently released the next generation of our “vulnerable by design” AWS deployment tool, CloudGoat. One of the biggest changes in this new version is the introduction of scenarios. As part of our ongoing…

Read more