watchTowr3d ago

~150 S3 abandoned buckets. 8M+ requests. Two months. Software updates, binaries, VMs and more.

This week, AWS rolled out namespaces for new S3 buckets - finally.

This is why offensive security research is so important - to move the needle.

https://labs.watchtowr.com/8-million-requests-later-we-made-the-solarwinds-supply-chain-attack-look-amateur/

8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur

Surprise surprise, we've done it again. We've demonstrated an ability to compromise significantly sensitive networks, including governments, militaries, space agencies, cyber security companies, supply chains, software development systems and environments, and more. “Ugh, won’t they just stick to creating poor-quality memes?” we hear you moan. Maybe we should, maybe

watchTowr Labs
Show threadViss

@watchTowr dude i had a lot of really good luck with the beef framework!

... when i got it to work

.. when it wouldnt crash when people hit my payload

.. if it stayed up for more than 30 minutes.

.. and if fewer than 3 people hit it at once.

Mar 20 at 10:34pmWeb