Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Lightspin Security Research Team Reveals AWS Identity and Access Management Vulnerable to Abuse

SecurityCloudNews
By AIT News Desk
AWS authorization bypass enables attacker to change login information and take over accounts undetected

Lightspin, a pioneer in contextual cloud security protecting native, Kubernetes, and microservices from known and unknown risks, announced the results of its research, which discovered a gap between AWS Identity and Access Management (IAM) user and group policies that an attacker can abuse to take over accounts, delete group members, steal data and shut down services. The research team was able to compromise dozens of accounts by using this technique.

Recommended AI News: uCloudlink Expands Footprint in Southeast Asia with Local Business Partners

“Initially, we believed this vulnerability was an isolated case,” said Vladi Sandler, CEO at Lightspin. “However, upon further investigation, we found that in many cases, users could perform actions that system administrators believed were denied when they configured group security configurations. This makes users accounts believed to be safe, easy to infiltrate.”

Lightspin researchers discovered that many security administrators were unaware that AWS IAM rules do not work the same way as Azure Active Directory or other authorization mechanisms.

Related Posts

From Innovation to Infiltration: The New Cyber Threat Landscape

Lightning AI Raises $50Million to Simplify and Scale AI Development For Enterprises and Developers

Teach Mode Is Here: rabbit Gives Consumers Power to Create Custom AI Agents

1 of 40,641

While defining Active Directory Azure policies, if a group is denied read access to the file, all group members cannot access it. However, IAM handles group and user authorizations separately. Even if a group has an explicit denial, this will only impact group actions, not user actions. Amazon does not warn system administrators that users’ accounts can still be accessed even if their group is protected.

Recommended AI News: Partners Accelerate Profitability with New Customer Lifecycle Incentives from VMware

Based on Lightspin’s research, more than half of the companies they work with have unintentional loose permissions for their users due to this authorization bypass, putting them at risk. There are two options to ensure that users can’t perform actions they were intended to be denied using group authorizations:

  • Each user can be listed separately while setting deny rules.
  • Each user can be tagged to be included in a group.

Both procedures can be cumbersome and difficult to maintain but are the best way to prevent intruders from changing login information and taking over accounts.

Recommended AI News: Neptune Flood Joins MarshBerry’s Connect Platform As Premier Partner

AIT News Desk

AIT News Desk is a trained group of web journalists and reporters who collect news from all over the technology landscape. The technical space includes advanced technologies related to AI, ML, ITops, Cloud Security, Privacy and Security, Cyberthreat intelligence, Space, Big data and Analytics, Blockchain and Crypto.
To connect, please write to AiT Analyst at news@martechseries.com.

You might also like More from author

Comments are closed.