all InfoSec news
CloudTrail bypass for AWS Service Catalog
March 19, 2023, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
logging for both read and write API actions for the Service Catalog service.
This could have enabled adversaries to alter Service Catalog resources undetected
after gaining a foothold in a victim AWS environment.
actions adversaries api aws bypass catalog cloudtrail development endpoint environment exposed logging resources service undetected victim
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
GraphNinja
4 days, 10 hours ago |
www.cloudvulndb.org
AWS Amplify IAM role publicly assumable exposure
2 weeks, 4 days ago |
www.cloudvulndb.org
AWS Glue database password leakage
3 weeks, 1 day ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
2 months, 2 weeks ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
2 months, 3 weeks ago |
www.cloudvulndb.org
Azure Pipelines Agent poisoned pipeline execution
4 months, 1 week ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
SITEC- Systems Security Administrator- Camp HM Smith
@ Peraton | Camp H.M. Smith, HI, United States
Cyberspace Intelligence Analyst
@ Peraton | Fort Meade, MD, United States
General Manager, Cybersecurity, Google Public Sector
@ Google | Virginia, USA; United States
Cyber Security Advisor
@ H&M Group | Stockholm, Sweden
Engineering Team Manager – Security Controls
@ H&M Group | Stockholm, Sweden