“This completely reduces EC2 Metadata with SSRF as SSRF risk often disclose the power to clarify articles,” and investigators need to find the secret more, “the investigators have added.
In addition, users are advised to consider the WAF applications, in trouble, not allowing requests from the Happy IP addresses or Google Cloud) to make an example of AWS (and Google Cloud).
The threatening players run the first repetition on March 13 from IP 193.41.206.72, researchers added. The main campaign began two days later from IP 193.41.206.189, cycling at all Asn 25 campaign.
Source link