Welcome to our Cyber Security News Aggregator.

Cyber Tzar provide a cyber security risk management platform, including automated penetration tests and risk assessments culminating in a "cyber risk score" out of 1,000, just like a credit score.

We discovered critical vulnerabilities in 6 AWS services

published on 2024-08-09 23:01:51 UTC by /u/Pale_Fly_2673
Content:

TL;DR: Uncovered Six Critical AWS Vulnerabilities

We uncovered six severe vulnerabilities in AWS services that exploited predictable S3 bucket names. These vulnerabilities allowed attackers to intercept and manipulate service resources, potentially leading to full account takeovers (depending on the service role's permissions):

1. CloudFormation: Allowed attackers to execute remote code and manipulate data, potentially leading to a full account takeover.
2. Glue: Enabled remote code execution and data exfiltration by injecting malicious code into ETL jobs.
3. EMR: Made it possible for attackers to inject malicious code into Jupyter notebooks, leading to RCE/XSS.
4. SageMaker: Data leakage and manipulation, which could alter machine learning model outputs and expose sensitive information.
5. ServiceCatalog: Allowed attackers to inject resources into CloudFormation templates, deploying malicious components or unauthorized admin roles.
6. CodeStar: Facilitated denial of service (DoS) attacks by blocking legitimate service use.

In four out of these six vulnerabilities, attackers needed only the victim's account ID to execute the exploit. This highlights the importance of treating AWS account IDs as confidential information.

Our blog details these vulnerabilities, describing the "Shadow Resource" attack vector and the "Bucket Monopoly" technique. AWS has fixed these vulnerabilities, but similar attack vectors may still exist in open-source projects and other scenarios.

For detailed insights and mitigation strategies, check out our blog.

submitted by /u/Pale_Fly_2673
[link] [comments]
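As an added illustration of the defensive side of the issue class the post describes (this is not code from the post or from the researchers): before a pipeline writes to a bucket whose name is derivable from the account ID, confirm the bucket exists and is owned by your own account using S3's ExpectedBucketOwner parameter, and refuse to use a bucket that exists but is not yours. The boto3 head_bucket error semantics are stated as assumptions in the comments; FakeS3Client, the bucket names and the account IDs are constructed so the check runs offline.

```python
# Pre-flight check for buckets whose names can be predicted from an account ID.
# Assumed semantics (boto3): s3.head_bucket(Bucket=..., ExpectedBucketOwner=...)
# raises ClientError with Error.Code "404" if the bucket does not exist and
# "403" if it exists but the owner does not match (or access is denied).
try:
    from botocore.exceptions import ClientError
except ImportError:  # botocore absent: stand-in with the same .response shape
    class ClientError(Exception):
        def __init__(self, error_response, operation_name):
            super().__init__(error_response, operation_name)
            self.response = error_response


def bucket_is_safe_to_use(s3, bucket: str, account_id: str):
    """Return (ok, reason). Only (True, "owned") means it is safe to write to."""
    try:
        s3.head_bucket(Bucket=bucket, ExpectedBucketOwner=account_id)
        return True, "owned"
    except ClientError as exc:
        code = str(exc.response.get("Error", {}).get("Code", ""))
        if code in ("404", "NoSuchBucket"):
            # Name is free: create it yourself (owner enforced) before a
            # service implicitly does, then re-run this check.
            return False, "missing"
        if code in ("403", "AccessDenied", "Forbidden"):
            # Exists but is not ours: treat as a possibly squatted shadow resource.
            return False, "foreign"
        raise


class FakeS3Client:
    """Constructed stand-in for a boto3 S3 client: bucket name -> owning account."""
    def __init__(self, owners):
        self.owners = owners

    def head_bucket(self, Bucket, ExpectedBucketOwner=None):
        if Bucket not in self.owners:
            raise ClientError({"Error": {"Code": "404", "Message": "Not Found"}}, "HeadBucket")
        if ExpectedBucketOwner and self.owners[Bucket] != ExpectedBucketOwner:
            raise ClientError({"Error": {"Code": "403", "Message": "Forbidden"}}, "HeadBucket")
        return {"ResponseMetadata": {"HTTPStatusCode": 200}}


OUR_ACCOUNT = "111111111111"  # constructed account ID
DEMO_CLIENT = FakeS3Client({"example-ours": OUR_ACCOUNT, "example-foreign": "222222222222"})

if __name__ == "__main__":
    for name in ("example-ours", "example-missing", "example-foreign"):
        print(name, bucket_is_safe_to_use(DEMO_CLIENT, name, OUR_ACCOUNT))
```

With a real client, replace DEMO_CLIENT by boto3.client("s3") and OUR_ACCOUNT by the account ID from STS GetCallerIdentity; a "foreign" result is the signal to stop the deployment and investigate rather than fall back to a different name.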
Article: We discovered critical vulnerabilities in 6 AWS services - published 3 months ago.

https://www.reddit.com/r/netsec/comments/1eodt01/we_discovered_critical_vulnerabilities_in_6_aws/
Published: 2024 08 09 23:01:51
Received: 2024 08 09 23:39:43
Feed: /r/netsec - Information Security News and Discussion
Source: /r/netsec - Information Security News and Discussion
Category: Cyber Security
Topic: Cyber Security
Views: 1
