ALBs found vulnerable to HTTP request smuggling (desync attack).
Fri, Oct 4th, 2019
Shortly after Lake Formation was made generally available, a bug was discovered that gave anyone the ability to view and override data lake admins for any account (an attacker would have only neede...
Thu, Aug 15th, 2019
AWS offers a metadata service accessible to most EC2 Instances via a simple GET request to 169.254.169.254. If an instance has an SSRF vulnerability, attackers can access the metadata service & exf...
Sun, Aug 4th, 2019