A recent investigation by security researchers has exposed critical vulnerabilities in the default IAM roles of several Amazon Web Services (AWS) offerings, including SageMaker, Glue, and EMR, as well as open-source projects like Ray. These roles, often automatically created or recommended during service setup, come with overly permissive policies such as AmazonS3FullAccess. This broad access, […]

The post AWS Defaults Open Stealthy Attack Paths Enabling Privilege Escalation and Account Compromise appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Source: gbHackers
Source Link: https://gbhackers.com/aws-defaults-open-stealthy-attack-paths-enabling-privilege-escalation/