This week's articles
When MFA isn't actually MFA
Retool experienced a security breach due to a spear phishing attack in August 2023. Attackers used social engineering tactics, compromising an employee's Google Authenticator, which exposed multi-factor authentication (MFA) codes.
#attack
#saas
Security flaws in an SSO plugin for Caddy
The Trail of Bits team identified 10 security vulnerabilities within the caddy-security plugin for the Caddy web server that could enable a variety of high-severity attacks in web applications, including client-side code execution, OAuth replay attacks, and unauthorized access to resources.
#attack
Ransomware Strikes Azure Storage: Are You Ready?
Post discussing Azure Storage Accounts, pointing out forensic artifacts in Azure that can help investigate ransomware attacks, and offering methods for attack detection.
#attack
#azure
#defend
Maintaining persistence via Shared sessions on Cloud Workstations
When an owner initiates a session and performs actions like gcloud auth login, the session state persists, shared across multiple users accessing the workstation through the same URL. This means that any user with access to the workstation can view and interact with the session artifacts created by the owner.
#attack
#gcp
|