HackerTrans
TopNewTrendsCommentsPastAskShowJobs

cateof

no profile record

Submissions

EU Agrees Deal on Common Phone Charger in Blow to Apple

bloomberg.com
7 points·by cateof·4 jaar geleden·0 comments

ExtraReplica – a cross-account database vulnerability in Azure PostgreSQL

wiz.io
1 points·by cateof·4 jaar geleden·0 comments

Orgmode clone written in Lua for Neovim 0.5

github.com
1 points·by cateof·4 jaar geleden·0 comments

Fake science: Photoshopping, fraud and circular logic in research

medium.com
2 points·by cateof·4 jaar geleden·0 comments

[untitled]

1 points·by cateof·4 jaar geleden·0 comments

GitFlow Considered Harmful

endoflineblog.com
2 points·by cateof·4 jaar geleden·0 comments

Security bulletin for recent AWS Glue vulnerability

aws.amazon.com
2 points·by cateof·5 jaar geleden·0 comments

Using Git for Incremental Backups

worthe-it.co.za
2 points·by cateof·5 jaar geleden·0 comments

Statement from AWS regarding recent support role incident

aws.amazon.com
6 points·by cateof·5 jaar geleden·0 comments

AWS Cloud Development Kit (CDK) v2.0.0 has been released

github.com
3 points·by cateof·5 jaar geleden·0 comments

The Unfulfilled Promise of Serverless

lastweekinaws.com
11 points·by cateof·5 jaar geleden·3 comments

GitHub Actions: Secure Cloud Deployments with OpenID Connect

github.blog
2 points·by cateof·5 jaar geleden·0 comments

Bypassing required reviews using GitHub Actions

medium.com
3 points·by cateof·5 jaar geleden·0 comments

AWS Lambda now supports ARM64 architecture

16 points·by cateof·5 jaar geleden·1 comments

Why You Suddenly Need To Delete Google Chrome

forbes.com
25 points·by cateof·5 jaar geleden·0 comments

The Wrong Abstraction (2016)

sandimetz.com
64 points·by cateof·5 jaar geleden·17 comments

comments

cateof
·5 jaar geleden·discuss
Seems like the AWS Glue exploit [1] discovered by the same team is the more critical one of these two. The CTO of Orca confirmed that they were able to access an admin role in an AWS service account, and from there assume roles in customer accounts with service roles that trust the glue service [2].

1: https://orca.security/resources/blog/aws-glue-vulnerability/ 2: https://twitter.com/yoavalon/status/1481691075672694793
cateof
·5 jaar geleden·discuss
Objects encrypted with S3-managed encryption keys (SSE-S3) are affected, as these keys are set up with a non-configurable resource policy granting the S3 service decryption permissions.