Welcome to our

Cyber Security News Aggregator

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

First slide label

Some representative placeholder content for the first slide.

Second slide label

Some representative placeholder content for the second slide.

Third slide label

Some representative placeholder content for the third slide.

log4shell and cloud provider internal meta data services (IMDS), (Thu, Dec 23rd)

published on 2021-12-23 23:17:03 UTC by
Content:

Are you running an application in a cloud environment like Amazon's EC2? Cloud providers usually offer a nifty way to manage credentials: Internal Meta Data Services (IMDS). For AWS, the IMDS listens on 169.254.169.254. 169.254/16 being link-local only, only code running on the host itself can reach it, and your code can use this service to retrieve credentials. Or, well, any code running on the host can.

Article: log4shell and cloud provider internal meta data services (IMDS), (Thu, Dec 23rd) - published almost 3 years ago.

https://isc.sans.edu/diary/rss/28168
Published: 2021 12 23 23:17:03
Received: 2021 12 24 00:40:29
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities
Views: 2