{"id":15523,"date":"2026-01-21T22:34:36","date_gmt":"2026-01-21T22:34:36","guid":{"rendered":"https:\/\/newestek.com\/?p=15523"},"modified":"2026-01-21T22:34:36","modified_gmt":"2026-01-21T22:34:36","slug":"misconfigured-demo-environments-are-turning-into-cloud-backdoors-to-the-enterprise","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=15523","title":{"rendered":"Misconfigured demo environments are turning into cloud backdoors to the enterprise"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>Internal testing, product demonstrations, and security training are critical practices in cybersecurity, giving defenders and everyday users the tools and wherewithal to prevent and respond to enterprise threats.<\/p>\n<p>However, according to new research from Pentera Labs, when left in default or misconfigured states, these \u201ctest\u201d and \u201cdemo\u201d environments are yet another entry point for attackers \u2014 and the issue even affects leading security companies and Fortune 500 companies that should know better.<\/p>\n<p>Researchers discovered that popular public training apps like Hackazon, Damn Vulnerable Web Application (DVWA), and OWASP Juice Shop have been frequently left accessible to the public internet, inadvertently exposing top vendors including Palo Alto Networks, Cloudflare, and F5.<\/p>\n<p>\u201cThis is not theoretical research,\u201d <a href=\"https:\/\/il.linkedin.com\/in\/noamyaffe\" target=\"_blank\" rel=\"noreferrer noopener\">Noam Yaffe<\/a>, Pentera\u2019s senior researcher and offensive security team lead, wrote in a <a href=\"https:\/\/pentera.io\/blog\/exposed-cloud-training-apps-pentera-labs\/\" target=\"_blank\" rel=\"noreferrer 
noopener\">technical blog post<\/a>. His team discovered \u201cclear evidence\u201d that these attack vectors are being exploited in the wild to enable crypto miners, webshells, and persistence mechanisms. The attackers are believed to be of Eastern European origin.<\/p>\n<p>\u201cThis research proves that labeling something as \u2018training\u2019 or \u2018dev\u2019 doesn\u2019t make it invisible to attackers,\u201d Yaffe noted. \u201cIf it\u2019s on the internet and it has cloud credentials, it\u2019s a target.\u201d<\/p>\n<h2 class=\"wp-block-heading\" id=\"exposing-crown-jewels-through-seemingly-harmless-labs\">Exposing crown jewels through seemingly harmless labs<\/h2>\n<p>After identifying an exposed instance of Hackazon, a free, intentionally vulnerable test site developed by Deloitte, during a routine <a href=\"https:\/\/www.csoonline.com\/article\/4117003\/cyber-risk-assessments-risk-assessment-helps-cisos.html\" target=\"_blank\">cloud security assessment<\/a> for a client, Yaffe performed a five-step hunt for exposed apps. His team uncovered 1,926 \u201cverified, live, and vulnerable applications,\u201d more than half of which were running on enterprise-owned infrastructure on AWS, Azure, and Google Cloud platforms.<\/p>\n<p>They then discovered 109 exposed credential sets, many accessible via a low-priority lab environment, tied to overly-privileged <a href=\"https:\/\/www.csoonline.com\/article\/518296\/what-is-iam-identity-and-access-management-explained.html\" target=\"_blank\">identity access management (IAM)<\/a> roles. 
These often granted \u201cfar more access\u201d than a \u2018training\u2019 app should, Yaffe explained, and provided attackers:<\/p>\n<ul class=\"wp-block-list\">\n<li>Administrator-level access to cloud accounts, as well as full access to S3 buckets, GCS, and Azure Blob Storage;<\/li>\n<li>The ability to launch and destroy compute resources and to read and write to secrets managers;<\/li>\n<li>Permissions to interact with container registries where images are stored, shared, and deployed.<\/li>\n<\/ul>\n<p>Attackers maintained persistent access, moved laterally across networks, exploited cloud credentials and other sensitive information, and crypto-mined victim infrastructure. Further, Pentera\u2019s researchers easily discovered active secrets such as Slack keys, GitHub tokens, and Docker Hub credentials, as well as real user data and proprietary source code.<\/p>\n<p>Alarmingly, in DVWA, 54% of instances discovered still used the default credentials \u2018admin:password,\u2019 and attackers could downgrade security settings in a single click (from \u201cimpossible\u201d to \u201clow\u201d), making every built-in vulnerability \u201ctrivially exploitable,\u201d Yaffe noted.<\/p>\n<p>\u201cWhat began as a harmless lab could lead directly to an organization\u2019s crown jewels,\u201d he said.<\/p>\n<h2 class=\"wp-block-heading\" id=\"real-world-exploitations\">Real-world exploitations<\/h2>\n<p>In one real-world instance, Pentera\u2019s team discovered a misconfigured buggy web application (bWAPP) linked to Cloudflare cloud accounts running on Google Cloud Platform (GCP). bWAPP is a free, open-source, deliberately insecure web app used for <a href=\"https:\/\/www.csoonline.com\/article\/4119475\/13-cyber-questions-to-better-vet-it-vendors-and-reduce-third-party-risk.html\" target=\"_blank\">training purposes<\/a>. 
Querying GCP\u2019s metadata services, the researchers were able to impersonate default service accounts and gain read access to \u201chundreds\u201d of storage buckets.<\/p>\n<p>Similarly, a DVWA linked to F5\u2019s cloud accounts was found running on a GCP instance, again allowing the researchers to access numerous storage buckets containing logs and metric data. In addition, a misconfigured Palo Alto-linked DVWA app was identified running on AWS; Yaffe and his team used the attached IAM role and temporary credentials to gain full administrative access to the AWS account.<\/p>\n<p>Researchers also exfiltrated OAuth tokens for a GCP service account to assume its identity, and list and access specific bucket content. For instance, one \u201ccloud_build\u201d bucket stored .tgz files that attackers could easily download. The account was managed by an admin email and violated least privilege because it contained policy permission, Yaffe explained.<\/p>\n<p>\u201cEven though this was a \u2018dev\u2019\/ \u2018training\u2019 account, it contained highly sensitive secrets, credentials, and API tokens,\u201d he said.<\/p>\n<p>In assessing these misconfigured, vulnerable applications, his team found \u201cclear evidence\u201d that they were already being fully exploited in the wild. Roughly 20% of the DVWA instances they discovered contained artifacts deployed by malicious actors, including:<\/p>\n<ul class=\"wp-block-list\">\n<li>XMRig Crypto Miner actively running, sending proceeds to attacker-controlled wallets, and configured to run silently without user knowledge;<\/li>\n<li>A \u201csophisticated\u201d watchdog script that maintained persistence even after a compromise had been discovered. 
This featured self-recovery, automated downloads, encrypted payload delivery, evidence deletion, and kill switches that threat actors could use to easily shut down operations;<\/li>\n<li>A PHP webshell that granted attackers the ability to read, write, delete, upload and download files; run operating system (OS) commands and scripts on remote machines; and access credentials, API keys, and other secrets embedded in source code.<\/li>\n<\/ul>\n<p>All discoveries were responsibly disclosed to the impacted organizations and were subsequently mitigated prior to publication, Yaffe emphasized.<\/p>\n<p>\u201cThese weren\u2019t isolated incidents; they represented an organized, ongoing exploitation campaign,\u201d he warned.<\/p>\n<h2 class=\"wp-block-heading\" id=\"what-enterprises-can-do-now\">What enterprises can do now<\/h2>\n<p>To defend against this widespread threat, Yaffe and his team developed SigInt, a Python-based, large language model (LLM)-powered autonomous reconnaissance framework. <a href=\"https:\/\/github.com\/noamYaffe1\/SigInt\" target=\"_blank\" rel=\"noreferrer noopener\">The tool<\/a>, which is available on GitHub, generates fingerprint signatures directly from a live target or GitHub repository, searches for matches, and applies confidence scoring. 
It also incorporates IP intelligence, cloud provider detection, attribution data, and provides analysis to support further investigation.<\/p>\n<p>Beyond this, Yaffe advised enterprises to \u201cinventory everything\u201d to establish a complete, up-to-date picture of all cloud resources, including \u2018temporary\u2019 and \u2018test deployments,\u2019 perform regular audits to scan for exposed services, and apply least privilege.<\/p>\n<p>\u201cNever attach broad IAM roles to training or demo environments,\u201d he said.<\/p>\n<p>Further, defenders should isolate training environments from production networks and apply the same monitoring and alerting to them as production environments, restrict their outbound internet access, document and enforce changes to default credentials pre-deployment, and set controls that expire temporary testing environments after a specified timeframe. \u201cIf it doesn\u2019t have an end date, it will run forever,\u201d Yaffe noted.<\/p>\n<p>Ultimately, he emphasized: \u201cThese are fixable problems. Basic hygiene \u2026 would have prevented every case we found.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Internal testing, product demonstrations, and security training are critical practices in cybersecurity, giving defenders and everyday users the tools and wherewithal to prevent and respond to enterprise threats. 
However, according to new research from Pentera Labs, when left in default or misconfigured states, these \u201ctest\u201d and \u201cdemo\u201d environments are yet another entry point for attackers \u2014 and the issue even affects leading security companies and&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=15523\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15523","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15523","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15523"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15523\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}