My Shared Links — Week 38/2022
--
Collection of the resources and links I have found insightful and shared during week #38 of 2022.
AttachMe: critical OCI vulnerability allows unauthorized access to customer cloud storage volumes
Before it was patched, AttachMe could have allowed attackers to access and modify any other users’ OCI storage volumes without authorization, thereby violating cloud isolation. Upon disclosure, the vulnerability was fixed within hours by Oracle. No customer action was required.
Over 39,000 Unauthenticated Redis Instances Found Exposed on the Internet
Stop believing that because it works and meets technical requirements, it’s OK and secure by default.
An unknown attacker targeted over 39,000 unauthenticated Redis servers exposed on the internet in an attempt to install a cryptocurrency miner.
Hackers Leaked ‘Grand Theft Auto’ Footage, Rockstar Games Says
Take-Two Interactive Software, Inc. said hackers broke into the networks of its Rockstar Games unit and illegally accessed early-development footage of the company’s next “Grand Theft Auto” videogame.
The hacker claiming to be behind the hacks also appeared to claim responsibility for last week’s break-in at Uber. The hacker said the Uber hack was “my previous work,” in a post on an online videogaming forum.