Oruam Oliuj · Security & Infrastructure

WRITING

> Technical notes from real incidents, exercises and daily work in cloud security_

The "Misantropia" Incident: Brazil's National Alert System Failure
How a teenager with five-year-old leaked credentials shut down Brazil's national emergency alert system — and what the exposed debug mode, SQL injection, and missing MFA say about critical public infrastructure security.
Your Container's Identity Is Worth More Than Root
How a non-root container with limited file read access becomes the pivot point for cross-account IAM escalation via the metadata endpoint and image layer history.
One Wildcard in a Trust Policy
How StringLike with a glob pattern in an IAM trust policy condition turns a controlled role assumption into an open path — and why StringEquals matters.
The Header That Opened the Network
Why X-Forwarded-For should never be used for access control at the edge — and how one misconfigured Nginx directive led to full internal network access.
systemd as an Attack Surface
How services running as root that source files from user-influenced paths enable privilege escalation without a CVE — just a timer and a writable directory.
RBAC: When No Single Permission Seems Critical
How create Jobs combined with a permissive service account enables namespace lateral movement — and why Kubernetes RBAC must be reviewed as a permission graph, not individual rules.
MeshCore Brazil: Decentralized Communication Without Infrastructure
How LoRa radios and mesh networking enable community-driven communication over dozens of kilometers — without internet, cellular, or any centralized provider. Notes from active testing between Santo André, Jundiaí, Sorocaba and Campinas.
The Hidden Danger of Judging by Appearances
How appearance-based cognitive biases become the social engineer's preferred attack vector — and why trusting the "packaging" over evidence hands the attacker a map of your weakest point.