all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

AWS fixes 'confused deputy' vulnerability in AppSync

Add to bookmarks
Nov. 22, 2022, 10:01 p.m. | Jessica Lyons Hardcastle

The Register - Security www.theregister.com

Datadog security researchers found the flaw before miscreants did

Amazon Web Services (AWS) fixed a cross-tenant flaw in AWS AppSync that could allow miscreants to abuse that cloud service to assume identity and access management roles in other AWS accounts, and then gain access to and control over those resources. …

appsync aws fixes vulnerability

Visit resource

More from www.theregister.com / The Register - Security

What to do in the age of the critical breach an hour ago | www.theregister.com
age breach breaches crisis +12
Indian bank’s IT is so shabby it’s been banned from opening new accounts 4 hours ago | www.theregister.com
accounts app bank banned +8
Australia’s spies and cops want ‘accountable encryption’ - aka backdoors 10 hours ago | www.theregister.com
agency assistance attacks australia +21
Governments issue alerts after 'sophisticated' state-backed actor found exploiting flaws in Cisco security boxes 12 hours ago | www.theregister.com
actor alerts cisco cisco security +22
Shouldn't Teams, Zoom, Slack all interoperate securely for the Feds? Wyden is asking 15 hours ago | www.theregister.com
apps asking collaboration collaboration software +17
Microsoft cannot keep its own security in order, so what hope for its add-ons customers? 17 hours ago | www.theregister.com
add-ons breaches charging customers +12
Management company settles for $18.4M after nuclear weapons plant staff fudged their timesheets 20 hours ago | www.theregister.com
atomic collect criminal facility +12
Google cools on cookie phase-out while regulators chew on plans 20 hours ago | www.theregister.com
authority challenges chrome cma +19
US charges Iranians with cyber snooping on government, companies 21 hours ago | www.theregister.com
attacks charged charges companies +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cyber Systems Administration

@ Peraton | Washington, DC, United States
View on infosec-jobs.com

Android Security Engineer, Public Sector

@ Google | Reston, VA, USA
View on infosec-jobs.com

Lead Electronic Security Engineer, CPP - Federal Facilities - Hybrid

@ Black & Veatch | Denver, CO, US
View on infosec-jobs.com

Profissional Sênior de Compliance & Validação em TI - Montes Claros (MG)

@ Novo Nordisk | Montes Claros, Minas Gerais, BR
View on infosec-jobs.com

Principal Engineer, Product Security Engineering

@ Google | Sunnyvale, CA, USA
View on infosec-jobs.com
View more jobs