Security News > 2024 > November > Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
2024-11-25 11:24
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data. "Since these are hardened languages with limited capabilities, they're supposed to be more secure than
News URL
https://thehackernews.com/2024/11/cybersecurity-flaws-in-iac-and-pac.html
Related news
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13) (source)
- THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20) (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27) (source)
- THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03) (source)
- IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools (source)
- THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10) (source)
- Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage (source)
- THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17) (source)