Rhino Security Labs

Strategic & Technical Blog

AWS IAM Privilege Escalation – Methods and Mitigation

Spencer Gietzen

At Rhino Security Labs, we do a lot of penetration testing for AWS architecture, and invest heavily in related AWS security research.  This post will cover our recent findings in new IAM Privilege Escalation methods – 21 in total –…

AWS IAM Enumeration 2.0: Bypassing CloudTrail Logging

CloudGoat: The ‘Vulnerable-by-Design’ AWS Environment

Hiding in the Cloud:
Cobalt Strike Beacon C2 using Amazon APIs

Benjamin Caudill

Researchers at Rhino Security Labs have developed a way to use Amazon’s AWS APIs for scalable malware Command and Control (C2), subverting a range of traditional blocking and monitoring techniques. By leveraging the Cobalt Strike “…