How We Impersonated Cloud Code by Google Cloud and Took Over GCP Accounts

The Upwind security research team is constantly examining threat landscapes and potential attack paths. In one of our recent searches, we discovered an anomaly in the authentication behavior of Google Developer tools that security practitioners should be aware of.  We discovered this threat landscape by running scans on GCP Cloud Code, during which we found […]

CVE-2024-3094: How to Protect Against the SSHD Backdoor Found in XZ Utilities

CVE: CVE-2024-3094 Affected versions: 5.6.0, 5.6.1 Affected Distributions: Fedora 41, Fedora Rawhide, Alpine, openSUSE, Debian experimental distributions versions 5.5.1alpha-0.1 to 5.6.1-1. On March 29, 2024, CISA warned of a malicious backdoor in the popular data compression software library XZ Utils. The vulnerability has been designated as CVE-2024-3094, and has been assigned a CVSS (Common Vulnerability […]

A New Deadly Combination in Nginx

Recently a deadly combination of vulnerabilities emerged, posing a severe threat to Kubernetes clusters utilizing Ingress-Nginx. By exploiting three critical vulnerabilities: attackers can execute arbitrary code and escalate privileges, all with access to the Nginx Annotation object. These vulnerabilities have been confirmed in both NGINX and Kubernetes/Ingress-Nginx, as reported by Google and various GitHub issues. […]