all InfoSec news
A-Salt: attacking SaltStack
Feb. 9, 2023, 7:05 a.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Found SaltStack on a network and don't know how to attack the thing? Check out how a few configuration issues and a new spin on Jinja template injections can undo a network managed by Salt.
<img alt="post featured image" src="https://skylightcyber.comhttps://skylightcyber.com/2023/02/09/a-salt-attacking-saltstack/saltshaker.jpg" />
<h1><a href="https://skylightcyber.com/#TL-DR" rel="noreferrer" target="_blank" title="TL;DR"></a>TL;DR</h1><p>SaltStack is an IT orchestration platform, similar to Puppet or Ansible. This blog post introduces a set of common misconfigurations we’ve encountered in the wild, as well as a novel template injection technique that can …
attack attackers cheatsheet check configuration defenders don managed network orchestration salt saltstack spin template what is
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Wireshark 4.2.5 Released, (Sat, May 18th)
1 day, 2 hours ago |
malware.news
Leveling the cybersecurity playing field
1 day, 18 hours ago |
malware.news
Automated pentesting in the cloud
1 day, 18 hours ago |
malware.news
How to revamp your cybersecurity in the middle of the chaos
1 day, 18 hours ago |
malware.news
6K-plus AI models may be affected by critical RCE vulnerability
1 day, 19 hours ago |
malware.news
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Senior Security Analyst
@ Oracle | United States
Associate Vulnerability Management Specialist
@ Diebold Nixdorf | Hyderabad, Telangana, India
Cybersecurity Architect, Infrastructure & Technical Security
@ KCB Group | Kenya