One Article Review
| Source |  The Hacker News |
|---|---|
| Identifiant | 8648537 |
| Date de publication | 2025-02-15 00:12:00 (vue: 2025-02-14 20:08:10) |
| Titre | New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution |
| Texte | Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account.
"If executed at scale, this attack could be used to gain access to thousands of accounts," Datadog Security Labs researcher Seth Art said in a report
Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. "If executed at scale, this attack could be used to gain access to thousands of accounts," Datadog Security Labs researcher Seth Art said in a report |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | access account accounts allows amazon ami anyone art attack aws called code confusion could cybersecurity datadog disclosed executed execution exploits gain have image labs machine name new publishes remote report researcher researchers said scale security services seth specific thousands type used web who whoami within “whoami” |
| Tags | |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.