AWS Flaw Allows Attackers to Find Users' Access Codes

Healthcare Info Security

Chinmay Rautmare

Researchers have uncovered a vulnerability in 22 application programming interfaces across 16 Amazon Web Services products that can be exploited to compromise basic information of the user and gain access to details of various cloud accounts, according to researchers with Palo Alto Networks' Unit 42.

These vulnerabilities have been observed across all the three AWS regions -including domains for government services and China - with Amazon Simple Storage Service (S3), Amazon Key Management Service (KMS) and Amazon Simple Queue Service (SQS) all open to being abused, Unit 42 notes.

The vulnerability is contained within...

Get the Morning Update

Thanks for subscribing!