cognitive cybersecurity intelligence

News and Analysis

Search

AWS patches bypass bug in CloudTrail API monitoring tool

Amazon Web Services (AWS) has fixed a bug that let attackers bypass its CloudTrail API monitoring system. It came to light after Datadog research found the iamadmin API was undocumented and allowed requests without generating event logs. The flaw could have let attackers carry out undetected reconnaissance activities, and potentially bypass Amazon’s GuardDuty security. The issue was reported to Amazon in March, and the fix was released in October, updating the iamadmin API.

Source: portswigger.net –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Our top 10 news stories

Here are the ten biggest digital health and tech news stories of 2024: cancellation of the NHS’s £300m digital pathways framework; NHS hitting a “tipping