HackerTrans
TopNewTrendsCommentsPastAskShowJobs

cateof

no profile record

Submissions

EU Agrees Deal on Common Phone Charger in Blow to Apple

bloomberg.com
7 points·by cateof·4 yıl önce·0 comments

ExtraReplica – a cross-account database vulnerability in Azure PostgreSQL

wiz.io
1 points·by cateof·4 yıl önce·0 comments

Orgmode clone written in Lua for Neovim 0.5

github.com
1 points·by cateof·4 yıl önce·0 comments

Fake science: Photoshopping, fraud and circular logic in research

medium.com
2 points·by cateof·4 yıl önce·0 comments

[untitled]

1 points·by cateof·4 yıl önce·0 comments

GitFlow Considered Harmful

endoflineblog.com
2 points·by cateof·4 yıl önce·0 comments

Security bulletin for recent AWS Glue vulnerability

aws.amazon.com
2 points·by cateof·5 yıl önce·0 comments

Using Git for Incremental Backups

worthe-it.co.za
2 points·by cateof·5 yıl önce·0 comments

Statement from AWS regarding recent support role incident

aws.amazon.com
6 points·by cateof·5 yıl önce·0 comments

AWS Cloud Development Kit (CDK) v2.0.0 has been released

github.com
3 points·by cateof·5 yıl önce·0 comments

The Unfulfilled Promise of Serverless

lastweekinaws.com
11 points·by cateof·5 yıl önce·3 comments

GitHub Actions: Secure Cloud Deployments with OpenID Connect

github.blog
2 points·by cateof·5 yıl önce·0 comments

Bypassing required reviews using GitHub Actions

medium.com
3 points·by cateof·5 yıl önce·0 comments

AWS Lambda now supports ARM64 architecture

16 points·by cateof·5 yıl önce·1 comments

Why You Suddenly Need To Delete Google Chrome

forbes.com
25 points·by cateof·5 yıl önce·0 comments

The Wrong Abstraction (2016)

sandimetz.com
64 points·by cateof·5 yıl önce·17 comments

comments

cateof
·5 yıl önce·discuss
Seems like the AWS Glue exploit [1] discovered by the same team is the more critical one of these two. The CTO of Orca confirmed that they were able to access an admin role in an AWS service account, and from there assume roles in customer accounts with service roles that trust the glue service [2].

1: https://orca.security/resources/blog/aws-glue-vulnerability/ 2: https://twitter.com/yoavalon/status/1481691075672694793
cateof
·5 yıl önce·discuss
Objects encrypted with S3-managed encryption keys (SSE-S3) are affected, as these keys are set up with a non-configurable resource policy granting the S3 service decryption permissions.