Risky Business #759 – Why Iran's hack and leak will amount to naught
Risky Business
Beware of Shadow Resources in AWS
The research highlights vulnerabilities in AWS accounts stemming from unexpected S3 bucket creation, which can manipulate the behavior of tools that rely on these buckets for storage. AWS services like CloudFormation generate S3 buckets that are not predictable, allowing potential attackers to exploit this unpredictability if they can determine or create bucket names. This manipulation can affect how trusted processes handle data, similar to issues with predictable file names in Unix systems, leading to security breaches through shadow resources.
00:00
Transcript
Play full episode
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
