InfoQ

AWS Adds Automated Detection of Unused IAM Roles, Users, and Permissions

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
CSOonline

Predictable AWS cloud deployment resources allow full account takeover

Amazon Web Services (AWS) is urging its open-source Cloud Development Kit (CDK) users to apply fixes now available for a flaw that, under certain circumstances, can allow complete account takeover.
GIGAZINE

Vulnerabilities discovered in six AWS services that allow accounts to be hijacked through the automatic creation of S3 buckets

At the world's largest security event, Black Hat USA 2024, a research team from Aqua Security announced that six AWS services had critical vulnerabilities that could lead to account hijacking, remote ...
CSOonline

S3 shadow buckets leave AWS accounts open to compromise

Attackers can gain access to AWS accounts or sensitive data by creating in advance S3 storage buckets with predictable names that will be automatically used by various services and tools. Researchers ...
Cyber Defense Magazine

CIEM, practically: How to Make Least Privilege Stick in AWS, Azure, and GCP

Introduction In most cloud programs, permissions grow like weeds. A helper role becomes “temporary admin,” a service account gets a wildcard so a deployment won’t slip, and six months later nobody ...