Hackers Abuse Vulnerable Training Web Apps to Breach Enterprise Cloud Environments - CySecurity News
Hackers are exploiting poorly secured web applications designed for security training to breach enterprise cloud environments, according to a report by Pentera. These vulnerable applications, including DVWA and OWASP Juice Shop, are being used as entry points to deploy cryptocurrency miners and webshells, and to gain administrative-level control over cloud environments. Pentera identified 1,926 active vulnerable applications, many of which were tied to excessive IAM permissions and hosted across AWS, GCP, and Azure. The researchers disclosed their findings to impacted companies, which have since remediated the issues. To reduce risk, Pentera advises organizations to keep an accurate inventory of all cloud assets, enforce least-privilege IAM permissions, remove default credentials, and set expiration policies for temporary cloud resources.