Please login or sign up to post and edit reviews.
Keeping an eye on RDS vulnerabilities. [Research Saturday] - Publication Date |
- Sep 24, 2022
- Episode Duration |
- 00:16:11
Gafnit Amiga, Director of Security Research from Lightspin joins Dave to discuss her team's research "AWS RDS Vulnerability Leads to AWS Internal Service Credentials." The research describes how the vulnerability was caught and right after it was reported the AWS Security team applied an initial patch limited only to the recent Amazon Relational Database Service (RDS) and Aurora PostgreSQL engines, excluding older versions.
They followed by personally reaching out to the customers affected by the vulnerability and helped them through the update process. The research states "Lightspin's Research Team obtained credentials to an internal AWS service by exploiting a local file read vulnerability on the RDS EC2 instance using the log_fdw extension."
The research can be found here:
AWS RDS Vulnerability Leads to AWS Internal Service Credentials
Learn more about your ad choices. Visit
megaphone.fm/adchoicesThis episode could use a review!
This episode could use a review! Have anything to say about it? Share your thoughts using the button below.
Submit Review