Security News > 2024 > November > Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
2024-11-25 11:24
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data. "Since these are hardened languages with limited capabilities, they're supposed to be more secure than
News URL
https://thehackernews.com/2024/11/cybersecurity-flaws-in-iac-and-pac.html
Related news
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] (source)
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January] (source)
- Don’t let these open-source cybersecurity tools slip under your radar (source)
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January] (source)
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [3 February] (source)
- ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February] (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hottest cybersecurity open-source tools of the month: February 2025 (source)
- Online crime-as-a-service skyrockets with 24,000 users selling attack tools (source)