Cloud Infrastructure Security Archives

OWASP Top 10 API Security Risks – 2023: API7:2023 – Server-Side Request Forgery (SSRF)

18 February 2025 by Krishna

SSRF vulnerabilities occur when an API fetches a remote resource using a user-supplied Uniform Resource Identifier (URI) without adequate validation. This oversight allows attackers to manipulate the request, coercing the server to interact with unintended destinations. These attacks bypass traditional network controls like firewalls and VPNs, making them particularly insidious.

Securing-Virtualised-Environments-KrishnaG-CEO

Securing Virtualised Environments: Understanding and Mitigating Live Migration Attacks

7 December 20247 December 2024 by Krishna

Live migration attacks target the transmission of VM data, exploiting vulnerabilities in the migration protocols or hypervisor configurations. Attackers can gain unauthorised access to VMs, inject malicious code, or disrupt the VM’s operation by interfering with the live migration traffic. These attacks can result in severe operational disruption, data breaches, and the compromise of VM images that contain confidential data.