Attacks on clouds. Azure and AWS hacking guide

The migration of IT infrastructure to clouds is not just a tribute to fashion: this approach allows to save on technical support, backup, and administration. In addition, cloud-based infrastructure is believed to be more resistant to failures and external attacks. But the bitter truth is that even the most popular hybrid cloud services, including Azure and AWS, can be hacked. In this article, I will address basic techniques used to attack cloud environments.
Read full article →

How to reinstall Windows remotely

Remote work is the main trend of this year. It suddenly turned out that many things can be done more efficiently from home than sitting in the office. In my humble opinion, such a standard operation as OS reinstallation can be performed remotely as well. Today, I will show how to do this.
Read full article →

Holes in the hole. Vulnerabilities in Pi-hole allow to seize control over Raspberry Pi

Three severe vulnerabilities have been recently discovered in Pi-hole, a popular app that blocks advertisement and unwanted scripts. Two of these vulnerabilities result in remote command execution, while the third one allows to escalate your privileges to root. Let’s examine the origin of these bugs and concurrently find out how to detect vulnerabilities in PHP code and Bash scripts.
Read full article →