This week's articles
Google Compute Engine (GCE) VM takeover via DHCP flood
#gcp, #attack
An advisory about an unpatched vulnerability affecting virtual machines in GCP. Attackers could take over virtual machines over the network due to weak random numbers used by the ISC DHCP software, and an unfortunate combination of additional factors.
Azure Persistence with Desired State Configurations
#azure, #attack
How the Desired State Configuration (DSC) VM extension can be abused by anyone with the Contributor role in an Azure subscription to run arbitrary commands, with built-in functionality for recurring commands and persistence.