all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Researchers Detail AppSync Cross-Tenant Vulnerability in Amazon Web Services

Add to bookmarks
Nov. 28, 2022, 11:56 a.m. | noreply@blogger.com (Ravie Lakshmanan)

The Hacker News thehackernews.com

Amazon Web Services (AWS) has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized access to resources.
The issue relates to a confused deputy problem, a type of privilege escalation where a program that doesn't have permission to perform an action can coerce a more-privileged entity to perform the action.
The shortcoming was reported

amazon amazon web services appsync aws researchers services vulnerability web web services

Visit resource

More from thehackernews.com / The Hacker News

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution 1 day, 19 hours ago | thehackernews.com
argument cgi code code execution +19
Microsoft Revamps Controversial AI-Powered Recall Feature Amid Privacy Concerns 1 day, 19 hours ago | thehackernews.com
ai-powered artificial artificial intelligence coming +17
Ultimate Cyber Hygiene Guide: Learn How to Simplify Your Security Efforts 2 days, 10 hours ago | thehackernews.com
attacks basic breaches businesses +23
LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities 2 days, 10 hours ago | thehackernews.com
advanced android apple apple ios +24
Cyber Landscape is Evolving - So Should Your SCA 2 days, 15 hours ago | thehackernews.com
analysis application application security arsenal +21
The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash 2 days, 15 hours ago | thehackernews.com
advertising android android app app +27
FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims 2 days, 18 hours ago | thehackernews.com
back bureau cost data +11
SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign 2 days, 19 hours ago | thehackernews.com
actor agency attacks called +19
Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances 2 days, 21 hours ago | thehackernews.com
actor amp attack attackers +26

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Senior Security Researcher - Linux MacOS EDR (Cortex)

@ Palo Alto Networks | Tel Aviv-Yafo, Israel
View on infosec-jobs.com

Sr. Manager, NetSec GTM Programs

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

SOC Analyst I

@ Fortress Security Risk Management | Cleveland, OH, United States
View on infosec-jobs.com