Code Execution - Geek Feed

whoAMI attacks give hackers code execution on Amazon EC2 instances

February 16, 2025February 16, 2025 geekfeed0Tagged amazon, Amazon Web Services, attack, AWS, Cloud, Cloud Security, Code Execution

Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. Dubbed “whoAMI,” the attack was crafted by DataDog researchers in August 2024, who demonstrated that it’s possible for attackers to gain code execution within AWS accounts by exploiting how […]

4 mins read

QNAP fixes six Rsync vulnerabilities in NAS backup, recovery app

January 25, 2025January 25, 2025 geekfeed0Tagged Code Execution, Hybrid Backup Sync, QNAP, rce, Remote Code Execution, Rsync, vulnerability

QNAP has fixed six rsync vulnerabilities that could let attackers gain remote code execution on unpatched Network Attached Storage (NAS) devices. Rsync is an open-source file synchronization tool that supports direct file syncing via its daemon, SSH transfers via SSH, and incremental transfers that save time and bandwidth. It’s widely used by many backup solutions […]

2 mins read