Bleeping Computer

whoAMI attacks give hackers code execution on Amazon EC2 instances

Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. Dubbed "whoAMI ...
Virtualization Review

Adding Instance Storage to an AWS EC2 Virtual Machine Instance

Normally when you create a new virtual machine (VM) instance in EC2 in the AWS cloud, that instance uses Elastic Block Storage (EBS). EBS might best be described as persistent block storage. However, ...

Amazon EC2 instances under fire from whoAMI attacks potentially giving hackers code execution access

A flaw named WhoAMI was found in Amazon Machine Image It allows threat actors to gain RCE abilities on people's AWS accounts ...
CSOonline

whoAMI name confusion attacks can expose AWS accounts to malicious code execution

Thousands of active AWS accounts are vulnerable to a cloud image name confusion attack that could allow attackers to execute codes within those accounts. According to DataDog research, vulnerable ...
CSOonline

AWS cryptojacking campaign abuses less-used services to hide

To remain undetected for longer in cloud environments, attackers have started to abuse less-common services that don’t get a high level of security scrutiny. This is the case of a recently discovered ...