GreyKeep Security

Expert security for an evolving digital age

Linux

Security Researchers Repurpose Amazon SSM Agent as a Remote Access Trojan

· ·

Laptop computer displaying AWS logo

Security researchers at Mitiga have discovered a technique for using AWS Systems Manager (SSM) Agent as a remote access trojan (RAT). The technique allows for persistent command and control of a compromised host by an attacker from within another AWS account.

SSM Agent is software that allows administrators to configure, manage, and update AWS resources through the Systems Manager service. It can be installed on a various systems, including Amazon Elastic Compute Cloud (EC2) instances, edge devices, on-premises servers, and virtual machines.

[Read more…] about Security Researchers Repurpose Amazon SSM Agent as a Remote Access Trojan

GameOver(lay) Vulnerabilities in Ubuntu May Affect 40% of Cloud Users

· ·

Ubuntu Linux command line prompt
Photo by Gabriel Heinzer

Two privilege escalation vulnerabilities, collectively called GameOver(lay), may affect 40% of cloud workloads running on Ubuntu. The GameOver(lay) vulnerabilities were discovered by security firm Wiz and jointly reported by The Hacker News.

The vulnerabilities were reported under CVE-2023-32629 and CVE-2023-2640 and only affect Ubuntu kernels.

[Read more…] about GameOver(lay) Vulnerabilities in Ubuntu May Affect 40% of Cloud Users

How can we help you become more secure? Contact Us