Cloud breaches possible with new attack leveraging IaC, PaC tool flaws

Numerous cloud systems could have their data compromised through a pair of novel attack techniques exploiting the Styra Open Policy Agent policy-as-code engine and HashiCorp Terraform infrastructure-as-code tool, according to The Hacker News.

Threat actors could use stolen access keys to compromise OPA servers with a malicious Rego policy that could facilitate credential exfiltration, and could also circumvent restrictions on the 'http.send' function by using the 'net.lookup_ip_addr' function for DNS tunneling, a report from Tenable found. Terraform, meanwhile, could be targeted by exploiting the 'terraform plan' command to run malicious data sources. "This poses a risk, as an external attacker in a public repository or a malicious insider (or an external attacker with a foothold) in a private repository could exploit a pull request for their malicious objectives," said Tenable researchers, who urged the adoption of granular role-based access controls and of app- and cloud-level logs for tracking and analysis, and also warned against automated execution of CI/CD pipeline code.
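As a review aid for the OPA case above, the following added example (not code from Tenable, Styra or the article) reports every real call to the two builtins the report names in a Rego policy, ignoring mentions inside comments and string literals. The function names and the sample policy are constructed for illustration.

```python
import re

# Network-capable builtins the article names as abuse channels in Rego.
NETWORK_BUILTINS = ("http.send", "net.lookup_ip_addr")
CALL_RE = re.compile(
    r"(?<![\w.])(" + "|".join(map(re.escape, NETWORK_BUILTINS)) + r")\s*\(")

def blank_strings_and_comments(src):
    """Drop # comments and string contents, keeping newlines for line numbers."""
    out, i, n = [], 0, len(src)
    while i < n:
        ch = src[i]
        if ch == "#":                       # comment runs to end of line
            while i < n and src[i] != "\n":
                i += 1
        elif ch in "\"`":                   # "interpreted" or `raw` string
            i += 1
            while i < n and src[i] != ch:
                if ch == '"' and src[i] == "\\":
                    i += 1                  # skip the escaped character
                if i < n and src[i] == "\n":
                    out.append("\n")        # raw strings may span lines
                i += 1
            i += 1
            out.append(" ")
        else:
            out.append(ch)
            i += 1
    return "".join(out)

def find_network_calls(src):
    """Return (line, builtin) for each real call to a listed builtin."""
    cleaned = blank_strings_and_comments(src)
    return [(no, m.group(1))
            for no, line in enumerate(cleaned.splitlines(), 1)
            for m in CALL_RE.finditer(line)]

# Constructed, benign sample policy; not taken from the Tenable report.
SAMPLE_POLICY = '''package example.authz
# http.send( is only mentioned in this comment
allow {
    msg := "net.lookup_ip_addr(x) inside a string"
}
resolve {
    addrs := net.lookup_ip_addr("example.invalid")
}
notify {
    resp := http.send({"method": "GET", "url": "https://example.invalid/"})
}
'''
```

Run over policies changed in a pull request, a non-empty result from `find_network_calls` is a cue for manual review before the policy reaches an OPA server.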
