Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks

1 year ago [email protected] (The Hacker News)
Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks


Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp’s Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data.
“Since these are hardened languages with limited capabilities, they’re supposed to be more secure than

The post “Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , ,

More Stories

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

1 day ago [email protected] (The Hacker News)

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

1 day ago [email protected] (The Hacker News)

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

1 day ago [email protected] (The Hacker News)

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

2 days ago [email protected] (The Hacker News)

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

2 days ago [email protected] (The Hacker News)

Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup

2 days ago [email protected] (The Hacker News)