Research - ClearVector

Research

Merge Order Hijacking in AWS Lambda

As serverless computing increasingly becomes popular, third-party vendors are incentivized to provide runtime enhancements to serverless workloads. These enhancements often include telemetry collection, log enrichment, or runtime security enhancements. In this blog, we examine how AWS and third-party vendors deploy these enhancements within AWS Lambda, and how attackers can leverage

Research

LambdaSpy - Implanting the Lambda execution environment (Part two)

In part one [https://www.clearvector.com/blog/lambda-internals/] of this series, we discussed the AWS Lambda execution environment. In this post, we focus on the challenge of persisting in a serverless environment, gaining access to the data that Lambda functions process, and one possible method in the form of

Research

Lambda internals (Part one)

The past several years have seen a significant rise [https://www.cncf.io/wp-content/uploads/2020/12/CNCF_Survey_Report_2020.pdf] in the use of serverless cloud computing solutions, and with good reason. Serverless [https://aws.amazon.com/serverless/] applications can be cheaper, more scalable, more rapidly developed and