CyberWire Daily Leaking your AWS API keys, on purpose? [Research Saturday]
6 snips
Nov 30, 2024 Noah Pack, a SANS Internet Storm Center intern, dives into the fascinating world of AWS API keys. He shares the alarming risks associated with accidental leaks and the surprising outcomes of his experiment where keys were intentionally exposed. The discussion covers protective measures like canary tokens and the importance of security tool integration. Noah emphasizes the critical need for identity management and proactive security practices to shield businesses from potential chaos. His real-world insights underscore why every developer should care about credential safety.
AI Snips
Chapters
Transcript
Episode notes
Accidental Leak
- Noah Pack created a script to email companies for swag during the COVID-19 pandemic.
- He accidentally leaked his email credentials on GitHub, leading to immediate unauthorized access attempts.
Consequences of Leaks
- Hardcoded credentials in bigger projects, especially those using cloud services like AWS, can have serious financial consequences.
- Leaked credentials can be quickly exploited by automated systems.
Website Canary Tokens
- Noah embedded AWS API key canary tokens on a small e-commerce website he maintained.
- The keys were eventually tested by someone using Python on Windows Subsystem for Linux via ProtonVPN.