Amazon RDS Snapshots Expose Sensitive Data
Amazon RDS, a cloud-based backup service, can leak personally identifiable information (PII) to the public Internet, reports Elizabeth Montalbano.
The vulnerability was found by the Mitiga Research Team, which discovered numerous Amazon RDS snapshots being shared publicly, Montalbano says. “Some of the exposures last for months, and some for just a short period of time, in both cases potentially allowing threat actors to take advantage,” the researchers noted in a recent blog post.
"These snapshots can be shared across different [Amazon Web Services] accounts – in or out of the on-premises organization, as well as AWS accounts that make the RDS snapshots publicly available," the researchers said. "With that, one might unintentionally leak sensitive data to the world, even if you use highly secure network configuration."
Read more at Dark Reading.
Related content
- Nearly 1 Million Misconfigured Kubernetes Instances Found Vulnerable
-
Moving HPC to the Cloud
HPC has a unique set of requirements that might not fit into standard clouds. However, plenty of commercial options, including cloud-like services, provide the advantages of real HPC without the capital expense of buying hardware.
-
News for Admins
Microsoft Starts Using AI for Enterprise Security, New Zero-Day Vulnerability Affects All Windows Systems, British Airways Breach Affects 380,000 Customers
-
Supercharge your Website with Amazon CloudFront
Users who lose interest in websites that don't respond in the expected time take their clicks elsewhere. We look at ways to improve your WordPress website performance. - Two New Speculative Execution Vulnerabilities Found in the Linux Kernel
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
