How 2 Missing Characters Nearly Compromised AWS

A supply chain vulnerability in AWS CodeBuild recently put the entire AWS Console at risk. Learn how Wiz Research found the flaw and how Amazon responded to prevent a global security crisis...

Amazon AWS Glue Database Password Disclosure

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Database Passwords in Server Response product: Amazon AWS Glue vulnerable version: until 2024-02-23 fixed version: as of 2024-02-23 CVE number: - impact: medium homepage:...

Introducing the Wiz extension: cloud security delivered to your AWS console

Wiz’s new Chrome browser extension brings cloud security to your fingertips and streamlines access to Wiz from your cloud console...

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations

A financially motivated threat actor of Indonesian origin has been observed leveraging Amazon Web Services AWS Elastic Compute Cloud EC2 instances to carry out illicit crypto mining operations. Cloud security company's Permiso P0 Labs, which first detected the group in November 2021, has assigned...

AWS Console - Customized SSL, GPL license, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application AWS Console published at the 'play' market has multiple vulnerabilities...