Security News > 2024 > November > Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
2024-11-25 11:24
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data. "Since these are hardened languages with limited capabilities, they're supposed to be more secure than
News URL
https://thehackernews.com/2024/11/cybersecurity-flaws-in-iac-and-pac.html
Related news
- ⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 - 8) (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- Best CSPM Tools 2025: Top Cloud Security Solutions Compared (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips (source)
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips (source)
- Ruijie Networks' Cloud Platform Flaws Could've Exposed 50,000 Devices to Remote Attacks (source)
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [30 Dec] (source)
- Hottest cybersecurity open-source tools of the month: December 2024 (source)
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan] (source)