all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Reported GuardDuty Finding Issue

Add to bookmarks
May 18, 2023, 1:59 p.m. | aws@amazon.com

Latest Bulletins aws.amazon.com

Initial Publication Date: 05/18/2023 10:00AM EST


A security researcher recently reported an issue in Amazon GuardDuty in which a change to the policy of an S3 bucket not protected by Block Public Access (BPA) could be carried out to grant public access to the bucket without triggering a GuardDuty alert. This specific issue would occur if the S3 bucket policy was updated within a single new policy that included both an "Allow" for "Principal::"*" or "Principal":"AWS":"*" in one statement (making …

access alert amazon amazon guardduty block change grant guardduty issue policy public researcher s3 bucket security security researcher

Visit resource

More from aws.amazon.com / Latest Bulletins

AWS Response to March 2024 CSRB report 3 days, 19 hours ago | aws.amazon.com
action aware aws benefits +16
CVE-2024-28056 1 week ago | aws.amazon.com
address amplify aware aws +11
CVE-2024-3094 3 weeks, 3 days ago | aws.amazon.com
action amazon aware aws +14
CVE-2024-21626 - Runc container issue 2 months, 2 weeks ago | aws.amazon.com
action address amazon aware +14
CVE-2023-23583 5 months, 1 week ago | aws.amazon.com
aware aws cve ec2 +10
CVE-2023-5528 5 months, 1 week ago | aws.amazon.com
amazon amazon eks ami aware +18
CVE-2023-44487 - HTTP/2 Rapid Reset Attack 6 months, 1 week ago | aws.amazon.com
2 rapid reset address attack aware +16
Issue with Amazon WorkSpaces Windows Client Version 5.9 and 5.10 6 months, 2 weeks ago | aws.amazon.com
amazon aws characters client +12
Reported TorchServe Issue (CVE-2023-43654) 6 months, 2 weeks ago | aws.amazon.com
aware aws containers customers +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Penetration Tester

@ Resillion | Bengaluru, India
View on infosec-jobs.com

Senior Backend Software Engineer (Java) - Privacy Engineering (Open to remote across ANZ)

@ Canva | Sydney, Australia
View on infosec-jobs.com

(Senior) Information Security Professional (w/m/d)

@ IONOS | Deutschland - Remote
View on infosec-jobs.com

Information Security (Incident Response) Intern

@ Eurofins | Katowice, Poland
View on infosec-jobs.com

Game Penetration Tester

@ Magic Media | Belgrade, Vojvodina, Serbia - Remote
View on infosec-jobs.com
View more jobs