Risky Business cover image

Risky Business #759 – Why Iran's hack and leak will amount to naught

Risky Business

NOTE

Beware of Shadow Resources in AWS

The research highlights vulnerabilities in AWS accounts stemming from unexpected S3 bucket creation, which can manipulate the behavior of tools that rely on these buckets for storage. AWS services like CloudFormation generate S3 buckets that are not predictable, allowing potential attackers to exploit this unpredictability if they can determine or create bucket names. This manipulation can affect how trusted processes handle data, similar to issues with predictable file names in Unix systems, leading to security breaches through shadow resources.

00:00
Transcript
Play full episode

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
App store bannerPlay store banner