How 2 Missing Characters Nearly Compromised AWS
hackread.comA supply chain vulnerability in AWS CodeBuild recently put the entire AWS Console at risk. Learn how Wiz Research found the flaw and how Amazon responded to prevent a global security crisis.
A massive security hole that could have given hackers total control over Amazon Web Services (AWS) was recently fixed before anyone could actually use it for harm. The discovery, made by Wiz Research, prevented what they called a “historic near miss” for the millions of businesses and people who rely on the cloud every day.
A Two-Character Mistake
The vulnerability, which researchers named CodeBreach, was found inside a tool called AWS CodeBuild. In technical terms, this tool is part of a supply chain, which is basically the automated series of steps that take a developer’s raw code and turn it into a finished software product. In this case, the flaw hit the AWS JavaScript SDK, a key ...
Copyright of this story solely belongs to hackread.com . To see the full text click HERE