Researchers discovered nearly 1,000 cloud environments vulnerable to exploitation due to misconfigurations exposing security testing applications to the internet, Pentera reported Wednesday.The Pentera Labs team initially discovered a web-exposed instance of Hackazon during a cloud security assessment for a client. Hackazon is an intentionally vulnerable application meant for internal security testing and training.Following this discovery, the team began to scan the web for more exposed instances of Hackazon and similar testing apps such as OWASP Juice Shop, Damn Vulnerable Web Application (DVWA) and Buggy Web Application (bWAPP).Using tools like Censys and Shodan, the researchers uncovered 1,926 live, vulnerable applications, 974 of which ran on enterprise-owned cloud infrastructure hosted by major providers including Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).
Related reading:
This process uncovered 109 sets of credentials with unique identity or role names, many of which had greater privileges and access than necessary for the application’s purpose. The researchers also found active secrets such as GitHub tokens and Slack keys, proprietary source code and data from real users exposed through several of the vulnerable environments.Exposed identities included those attached to cloud resources owned by Cloudflare, F5 and Palo Alto Networks, which were reported and resolved by the companies without any access to sensitive data or evidence of compromise.
Security Operations, SOC, Cloud Security, Application security, Patch/Configuration Management
Hundreds of vulnerable test environments exposed, targeted by crypto miners

An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



