Bleeping Computer

whoAMI attacks give hackers code execution on Amazon EC2 instances

Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. Dubbed "whoAMI ...
SiliconANGLE

Mitiga report reveals unique way to abuse AWS Systems Manager agent

A new report today from cloud incident response company Mitiga Security Inc. details a new potential post-exploitation technique involving Amazon Web Services Inc.’s System Manager agent. The exploit ...