Follow
Crossposted from Twitter
RT @GossiTheDog@twitter.com
Microsoft Azure silently install management agents on your Linux VMs, which now have RCE and LPE vulns.
Microsoft don’t have an auto update mechanism, so now you need to manually upgrade the agents you didn’t know existed as you didn’t install them. https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution
🐦🔗: https://twitter.com/GossiTheDog/status/1437896101756030982
Crossposted from Twitter
I was wondering why AWS doesn’t install certain tools by default, such as the Systems Manager agent or even the CloudWatch agent on ECS and EKS nodes.
I guess I have my answer right here. Ha.