HackerTrans
TopNewTrendsCommentsPastAskShowJobs

cateof

no profile record

Submissions

EU Agrees Deal on Common Phone Charger in Blow to Apple

bloomberg.com
7 points·by cateof·4 năm trước·0 comments

ExtraReplica – a cross-account database vulnerability in Azure PostgreSQL

wiz.io
1 points·by cateof·4 năm trước·0 comments

Orgmode clone written in Lua for Neovim 0.5

github.com
1 points·by cateof·4 năm trước·0 comments

Fake science: Photoshopping, fraud and circular logic in research

medium.com
2 points·by cateof·4 năm trước·0 comments

[untitled]

1 points·by cateof·4 năm trước·0 comments

GitFlow Considered Harmful

endoflineblog.com
2 points·by cateof·4 năm trước·0 comments

Security bulletin for recent AWS Glue vulnerability

aws.amazon.com
2 points·by cateof·5 năm trước·0 comments

Using Git for Incremental Backups

worthe-it.co.za
2 points·by cateof·5 năm trước·0 comments

Statement from AWS regarding recent support role incident

aws.amazon.com
6 points·by cateof·5 năm trước·0 comments

AWS Cloud Development Kit (CDK) v2.0.0 has been released

github.com
3 points·by cateof·5 năm trước·0 comments

The Unfulfilled Promise of Serverless

lastweekinaws.com
11 points·by cateof·5 năm trước·3 comments

GitHub Actions: Secure Cloud Deployments with OpenID Connect

github.blog
2 points·by cateof·5 năm trước·0 comments

Bypassing required reviews using GitHub Actions

medium.com
3 points·by cateof·5 năm trước·0 comments

AWS Lambda now supports ARM64 architecture

16 points·by cateof·5 năm trước·1 comments

Why You Suddenly Need To Delete Google Chrome

forbes.com
25 points·by cateof·5 năm trước·0 comments

The Wrong Abstraction (2016)

sandimetz.com
64 points·by cateof·5 năm trước·17 comments

comments

cateof
·5 năm trước·discuss
Seems like the AWS Glue exploit [1] discovered by the same team is the more critical one of these two. The CTO of Orca confirmed that they were able to access an admin role in an AWS service account, and from there assume roles in customer accounts with service roles that trust the glue service [2].

1: https://orca.security/resources/blog/aws-glue-vulnerability/ 2: https://twitter.com/yoavalon/status/1481691075672694793
cateof
·5 năm trước·discuss
Objects encrypted with S3-managed encryption keys (SSE-S3) are affected, as these keys are set up with a non-configurable resource policy granting the S3 service decryption permissions.