Why You Shouldn't Use Microsoft Windows11.

...

LMDE5 - Linux Mint Debian Edition.

LMDE5 -...

Why Should I Not Use Windows10?

Here are a...

Cloud Users Permission Settings Opens Up For Larger Attack Surface

English

Cloud Users Permission Settings Opens Up For Larger Attack Surface.

Unit 42 researchers did analyze over 680,000 identities across 18,000 cloud accounts from 200 different organizations and found that 99% of these cloud users, roles and service accounts were overly permissive. You can read the report here.

Setting excessive permissions unnecessarily open up a much larger attack surface for hackers and increases the risk of privilege escalation. You should look over your settings to help prevent adversaries exploiting these permissions to escalate to more privileged roles.

The security researchers has developed an open source tool to help mitigate the privilege escalation risks of overly permissive identities in AWS.

The software IAM-Deescalate, can be downloaded for free from GitHub.

License: MIT

IAM-Deescalate software:

What this tool does first is to identify the users and roles with privilege escalation risks using PMapper.

For each risky principal, IAM-Deescalate calculates a minimal set of permissions granted to this principal that can be revoked to eliminate the risks.

IAM-Deescalate inserts an inline policy to explicitly deny the risky permissions that could allow the principal to escalate to administrator privilege.

IAM-Deescalate can remediate all the privilege escalation risks that PMapper identifies.

Needed permissions to use IAM-Deescalate:

Because IAM-Deescalate needs to check and modify identity-based policies, it is intended to be used by authorized users with sufficient IAM permissions.

Read this document here.

For more information on how to use this software and a more in depth knowledge about the problem and how to remediate all the privilege escalation risks, visit Unit42 blog.

 

Help us by donating a small amount

 
If you find this site helpful, please consider donating a small amount.
Please use our contact us form and we will give you the relevant information to make a donation.
We accept BitCoin and ZCash at the moment.

Games For Linux

Windows has always been the preferred platform for gaming, but after STEAM's interest in Linux more game developers are making their games natively available for Linux.

Disclaimer

All information on this website is published in good faith and for general educational purposes and for use in safe testing environments only. While linuxexperten.com strives to make the information on this site as accurate as possible, linuxexperten.com does not warrant its completeness, reliability and accuracy.

We are not responsible for any losses or damages associated with the use of our website. While we strive to provide only links to useful websites, we have no control over the content of these sites and links to other sites do not constitute a recommendation for all content contained on these websites.

 

Site Information

This is a professional review site that receives compensation from the companies whose products reviewed. Each service or product are thoroughly tested and given high marks if considered to be the very best. Independently owned and the opinions expressed here are no one elses.

 

Limited Time Offers

NordVPN + 3 Months