Security News > 2024 > November > Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
2024-11-25 11:24
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data. "Since these are hardened languages with limited capabilities, they're supposed to be more secure than
News URL
https://thehackernews.com/2024/11/cybersecurity-flaws-in-iac-and-pac.html
Related news
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- Hottest cybersecurity open-source tools of the month: March 2025 (source)
- What native cloud security tools won’t catch (source)
- Interlock ransomware gang pushes fake IT tools in ClickFix attacks (source)
- Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools (source)
- Hottest cybersecurity open-source tools of the month: April 2025 (source)