all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Amazon addresses vulnerability affecting AWS AppSync

Add to bookmarks
Nov. 21, 2022, 9:51 p.m. | Jonathan Greig

The Record by Recorded Future therecord.media

Researchers from security company Datadog discovered a cross-tenant vulnerability in a popular Amazon Web Services (AWS) tool, which Amazon has now addressed. The bug allows attackers to abuse AWS’ AppSync service and assume Identity and Access Management (IAM) roles in other AWS accounts. This gives an attacker the opportunity “to pivot into a victim organization […]


The post Amazon addresses vulnerability affecting AWS AppSync appeared first on The Record by Recorded Future.

amazon amazon web services appsync aws briefs technology vulnerability

Visit resource

More from therecord.media / The Record by Recorded Future

HHS reverses course, allows Change Healthcare to file breach notifications for others 1 day, 9 hours ago | therecord.media
breach breach notifications change change healthcare +7
Thousands of internet-facing devices vulnerable to Check Point VPN zero-day 1 day, 10 hours ago | therecord.media
check check point devices facing +7
Cloud company Snowflake denies that reported breach originated with its products 1 day, 10 hours ago | therecord.media
breach cloud cybercrime industry +3
Developer platform Docker Hub suspends services in Russia 1 day, 11 hours ago | therecord.media
developer developer platform docker docker hub +6
More than 600,000 routers knocked out in October by Chalubo malware 1 day, 12 hours ago | therecord.media
chalubo cybercrime industry malware +3
A top FTC official on the consumer privacy message the agency is sending to industry 1 day, 14 hours ago | therecord.media
agency consumer consumer privacy ftc +6
Cyberattacks targeting US and allies having 'strategically consequential effects' 1 day, 18 hours ago | therecord.media
allies cyberattacks government nation state +1
Scammers are playing college kids with free piano offers 2 days, 10 hours ago | therecord.media
college cybercrime free kids +2
OpenAI models used in nation-state influence campaigns, company says 2 days, 10 hours ago | therecord.media
campaigns china elections influence +6

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com