US EditionExposed Training Apps Are Showing up in Active Cloud Attacks
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.6 Articles
6 Articles
Exposed Security Training Apps Become a Backdoor Into Enterprise Cloud Environments
Security teams have long relied on deliberately vulnerable web applications to train defenders and test internal defenses. New research shows those same tools are now being used as a shortcut into real enterprise cloud environments.An investigation by automated penetration testing firm Pentera found that threat actors are actively exploiting misconfigured security training and testing applications that have been left exposed on the public intern…
Exposed training apps are showing up in active cloud attacks
Security teams often spin up vulnerable applications for demos, training, or internal testing. A recent Pentera research report documents how those environments are being left exposed on the public internet and actively exploited. The research focuses on intentionally vulnerable apps such as OWASP Juice Shop, Damn Vulnerable Web Application, Hackazon, and similar projects. These tools are commonly deployed to teach secure coding, support product…
Misconfigured demo environments are turning into cloud backdoors to the enterprise
Internal testing, product demonstrations, and security training are critical practices in cybersecurity, giving defenders and everyday users the tools and wherewithal to prevent and respond to enterprise threats. However, according to new research from Pentera Labs, when left in default or misconfigured states, these “test” and “demo” environments are yet another entry point for attackers — and the issue even affects leading security companies a…
Pentera Labs warns vulnerable demo apps are being actively exploited in the wild
Vulnerable training and demo applications exposed to the public internet are being actively exploited and used as entry points for full cloud account compromise at major enterprises, including Fortune 500 companies. That’s according to a new report out today from Pentera Labs, the research arm of Pentera Security Ltd. The report, When the Lab Door Stays Open, […] The post Pentera Labs warns vulnerable demo apps are being actively exploited in th…
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium